Hello,

stunnel v5.53 ignores proxy settings when performing OCSP validation via AIA responders. An open issue for OpenSSL at their GitHub suggests that this is a feature request for them (https://github.com/openssl/openssl/issues/6965), thus not being a stunnel limitation itself, and I've asked for clarification in the openssl-users mainling list (https://mta.openssl.org/pipermail/openssl-users/2019-April/010285.html). In either case, I want do double-check it with you guys: is this really an OpenSSL limitation, or is this something that can be addressed in stunnel code?

Regards,

Daniel O.

Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855 Luxembourg, R.C.S. Luxembourg B186284

Amazon Web Services EMEA SARL, Irish Branch, One Burlington Plaza, Burlington Road, Dublin 4, Ireland, branch registration number 908705