diff options
Diffstat (limited to 'apache2/cron-daily/local-apache2-ocsp')
| -rwxr-xr-x | apache2/cron-daily/local-apache2-ocsp | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/apache2/cron-daily/local-apache2-ocsp b/apache2/cron-daily/local-apache2-ocsp new file mode 100755 index 0000000..95d0ba5 --- /dev/null +++ b/apache2/cron-daily/local-apache2-ocsp @@ -0,0 +1,17 @@ +#!/bin/sh +# +# local daily cron script to prefetch OCSP data for apache2 mod_gnutls + +set -eu + +# collect OCSP responses here +CACHEDIR=/var/cache/apache2/ocsp + +command -v ocsptool > /dev/null || exit 0 + +mkdir -p "$CACHEDIR" +chown www-data: "$CACHEDIR" + +runuser -u www-data -- \ + find /etc/ssl/shared -name '*.chain.pem' -exec \ + sh -c 'stem=$(basename --suffix=.chain.pem '"'{}'"') && ocsptool --ask --no-nonce --load-chain '"'{}'"' --outfile "'"$CACHEDIR"'/$stem.der" > /dev/null 2>&1' ';' |