I am fine-tuning a single physical server running multiple virtual hosts defined by a macro and using SNI for access to each. The apache version is 2.4.43 and OpenSSL is 1.1.1g. OS is Debian 10 Buster.
In looking at the docs about OCSP it mentions possible problems with restarts when the cert provider may be offline and thus the base server should not be a virtual host. My question is: what is a "base server" in this context. For many years I have always listed my main virtual host as the base server but that was pre-OCSP. Do I now have to run a non-https server? Or does that mean I should define one server outside a virtual context? Or does that "virtual" refer to using mod_virtual which I do not use at all? Thanks. Best regards, -Tom
