show ssl ocsp-response [[text|base64] <id|path>]
Display the IDs of the OCSP tree entries corresponding to all the OCSP
- responses used in HAProxy, as well as the issuer's name and key hash and the
- serial number of the certificate for which the OCSP response was built.
+ responses used in HAProxy, as well as the corresponding frontend
+ certificate's path, the issuer's name and key hash and the serial number of
+ the certificate for which the OCSP response was built.
If a valid <id> or the <path> of a valid frontend certificate is provided,
display the contents of the corresponding OCSP response. When an <id> is
provided, it it possible to define the format in which the data is dumped.
$ echo "show ssl ocsp-response" | socat /var/run/haproxy.master -
# Certificate IDs
Certificate ID key : 303b300906052b0e03021a050004148a83e0060faff709ca7e9b95522a2e81635fda0a0414f652b0e435d5ea923851508f0adbe92d85de007a0202100a
+ Certificate path : /path_to_cert/foo.pem
Certificate ID:
Issuer Name Hash: 8A83E0060FAFF709CA7E9B95522A2E81635FDA0A
Issuer Key Hash: F652B0E435D5EA923851508F0ADBE92D85DE007A
}
chunk_appendf(trash, "\n");
+ /* Dump the certificate path */
+ chunk_appendf(trash, "Certificate path : %s\n", ocsp->path);
+
p = ocsp->key_data;
/* Decode the certificate ID (serialized into the key). */
projects / thirdparty / haproxy.git / commitdiff
