On 01/16/2014 08:58 AM, Ender Erel wrote:
We want to use multiple OCSP servers, but the way I see it we can specify only one OCSP server in the configuration file. Is there any other way to do this?

Do you mean that you have a cluster of OCSP servers, and you want to distribute requests among them for increased redundancy or performance?

The current architecture of OCSP in stunnel only supports a single OCSP server.  Please contact me if you want to sponsor redesigning stunnel to support connecting a list of OCSP servers instead.  A similar functionality is currently implemented for the "connect" option.

Alternatively, the license of stunnel allows you to implement this feature by yourself.

Mike