From d85e90a7b4c06d1698d0b96b695b05d41833fcd3 Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Mon, 13 Mar 2017 09:30:58 -0600
Subject: [PATCH] tls: Only update OCSP staple if field is not nil (fixes
 #1514)

---
 caddytls/maintain.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/caddytls/maintain.go b/caddytls/maintain.go
index 21b61e13a..c9509ba6b 100644
--- a/caddytls/maintain.go
+++ b/caddytls/maintain.go
@@ -232,7 +232,7 @@ func UpdateOCSPStaples() {
 		// By this point, we've obtained the latest OCSP response.
 		// If there was no staple before, or if the response is updated, make
 		// sure we apply the update to all names on the certificate.
-		if lastNextUpdate.IsZero() || lastNextUpdate != cert.OCSP.NextUpdate {
+		if cert.OCSP != nil && (lastNextUpdate.IsZero() || lastNextUpdate != cert.OCSP.NextUpdate) {
 			log.Printf("[INFO] Advancing OCSP staple for %v from %s to %s",
 				cert.Names, lastNextUpdate, cert.OCSP.NextUpdate)
 			for _, n := range cert.Names {