Client Cert Checking with OCSP Responder with HTTP/1.1
We have an LTM setup to check client certs on a Micoosoft PKI OCSP responder. We see the request traffic going to the OCSP server but are not getting a response back. Ping and telent on 80 from the LTM works so connectivity is ok. We see the request using HTTP/1.0 but may need to be using HTTP/1.1
Is there a way to change setting to use HTTP/1.1 for OCSP request? Or can the default irule _sys_auth_ssl_ocsp be edited to change to HTTP/1.1
We found this in some Micorosft documentation.
1.4 Relationship to Other Protocols The Hypertext Transfer Protocol (HTTP/1.1) [RFC2616] is the transport protocol for Online Certificate Status Protocol (OCSP) Extensions messages. 1.5 Prerequisites/Preconditions This protocol requires HTTP/1.1 ([RFC2616]) for transport of all messages.