scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 11:08:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add known issue about OCSP GET redirection responses (#19523)

Browse Source
This commit is contained in:
Steven Clark
2023-03-17 14:07:04 -04:00
committed by GitHub
parent 00150a5040
commit 98f4d1f8c2
3 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
website/content/docs/upgrading/upgrade-to-1.12.x.mdx
View File

@@ -182,3 +182,5 @@ As a workaround, OCSP POST requests can be used which are unaffected.
Affects version 1.12.3. A fix will be released in 1.12.4. Affects version 1.12.3. A fix will be released in 1.12.4.
@include 'tokenization-rotation-persistence.mdx' @include 'tokenization-rotation-persistence.mdx'
@include 'ocsp-redirect.mdx'

4
website/content/docs/upgrading/upgrade-to-1.13.x.mdx
View File

@@ -78,4 +78,6 @@ are unaffected.
## Known Issues ## Known Issues
@include 'tokenization-rotation-persistence.mdx' @include 'tokenization-rotation-persistence.mdx'
@include 'ocsp-redirect.mdx'

11
website/content/partials/ocsp-redirect.mdx Normal file
View File

@@ -0,0 +1,11 @@
### PKI OCSP GET requests can return HTTP redirect responses
If a base64 encoded OCSP request contains consecutive '/' characters, the GET request
will return a 301 permanent redirect response. If the redirection is followed, the
request will not decode as it will not be a properly base64 encoded request.
As a workaround, OCSP POST requests can be used which are unaffected.
#### Impacted Versions
Affects all current versions of 1.12.x and 1.13.x