Forum Stats

  • 3,838,711 Users
  • 2,262,395 Discussions
  • 7,900,739 Comments

Discussions

Strange OCSP requests

User_9N58C
User_9N58C Member Posts: 2 Green Ribbon

Hello, I'm using openjdk 1.8.0-212 on Linux and faced with issue:

During TLS connection establishing peer certificate should be checking using OCSP protocol.

I capture traffic and found that additional POST requests are send to the OCSP responder but not to server's path that described in the certificate. OCSP sends to the root path "/" to the server. I take a look at openjdk code http://www.docjar.com/html/api/sun/security/provider/certpath/OCSP.java.html and found that "static URI getResponderURI(X509CertImpl certImpl) {" function always return the full URI from the certificate.

Does anybody faced with the same strange POST requests from openjdk 1.8?