From 26d633baf83994e79d2961fa9f5b37ef5b0ab800 Mon Sep 17 00:00:00 2001
From: Francis Lavoie <lavofr@gmail.com>
Date: Sat, 19 Feb 2022 16:20:38 -0500
Subject: httpcaddyfile: Disabling OCSP stapling for both managed and unmanaged
 (#4589)

---
 caddyconfig/httpcaddyfile/tlsapp.go | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'caddyconfig')

diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 48506d8..daaec95 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -301,6 +301,11 @@ func (st ServerType) buildTLSApp(
 		tlsApp.Automation.RenewCheckInterval = renewCheckInterval
 	}
 
+	// set whether OCSP stapling should be disabled for manually-managed certificates
+	if ocspConfig, ok := options["ocsp_stapling"].(certmagic.OCSPConfig); ok {
+		tlsApp.DisableOCSPStapling = ocspConfig.DisableStapling
+	}
+
 	// if any hostnames appear on the same server block as a key with
 	// no host, they will not be used with route matchers because the
 	// hostless key matches all hosts, therefore, it wouldn't be
-- 
cgit v1.2.3