ocsp_proxy is a caching ocsp proxy. It accepts ocsp requests from any client, e.g. an ssl-webserver, and forwards the request to the corresponding ocsp responders or returns the ocsp response from cache. Can be used to mitigate unreliable ocsp responders that are, as required by murphy's law, always down when needed.
0.309 Feb 2018 15:34
when multiple certificates are detected in a single ocsp request, pass through. Also don't cache ocsp responses concerning multiple certificates.