From e339b28159a86720898ad60bb90207ca68977192 Mon Sep 17 00:00:00 2001
From: Lukas Schauer <lukas@schauer.so>
Date: Wed, 12 Jul 2017 15:33:56 +0200
Subject: [PATCH] add host header to ocsp request

---
 dehydrated | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dehydrated b/dehydrated
index 785ea4c..7b8bd6d 100755
--- a/dehydrated
+++ b/dehydrated
@@ -1045,7 +1045,7 @@ command_sign_domains() {
       if [[ "${update_ocsp}" = "yes" ]]; then
         echo " + Updating OCSP stapling file"
         ocsp_timestamp="$(date +%s)"
-        "${OPENSSL}" ocsp -no_nonce -issuer "${chain}" -verify_other "${chain}" -cert "${cert}" -respout "${CERTDIR}/${domain}/ocsp-${ocsp_timestamp}.der" -url "${ocsp_url}" > /dev/null 2>&1
+        "${OPENSSL}" ocsp -no_nonce -issuer "${chain}" -verify_other "${chain}" -cert "${cert}" -respout "${CERTDIR}/${domain}/ocsp-${ocsp_timestamp}.der" -url "${ocsp_url}" -header "HOST=$(echo "${ocsp_url}" | _sed 's/^http(s?):\/\///')" > /dev/null 2>&1
         ln -sf "${CERTDIR}/${domain}/ocsp-${ocsp_timestamp}.der" "${CERTDIR}/${domain}/ocsp.der"
       fi
     fi
-- 
2.47.2