Hello, I may in left field here but maybe you can point me in the right direction.
I would like to configure Nginx as a forward proxy for a server that is serving binary encoded objects/files used in PKI; specifically CRLs and X509.
These objects have “next update” periods in them that can be used as “cache” periods or atleast the input to them (basically clients/intermediates should never cache beyond those validity periods).
I was wondering if there was any way to leverage Nginx the work done by this project’s addition of LUA to Nginx to accomplish this.
For example I would want to extract the This update or Next update from a OCSP response:
openssl ocsp -respin ocspglobalsignca.resp -text
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: 70F9ACAFEFAF9D345FC498793CA452BB9D87EF72
Produced At: Oct 9 07:31:09 2013 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: A0720EA06A7C620254F2A8F59DD27BA4F3B72FA4
Issuer Key Hash: B0B04AFD1C7528F81C61AA13F6FAC1903D6B16A3
Serial Number: 1121A88BBF3F2260E5988C734C9F86E08C91
Cert Status: good
Next Update: Oct 9 07:31:09 2014 GMT
This Update: Oct 9 07:31:09 2013 GMT
And compute what the expires header should be based on those values; is this something can can be done with this project?
Thanks in advance,
Ryan
--
You received this message because you are subscribed to the Google Groups "openresty-en" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openresty-en...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.