SSL OCSP stapling won't enable
MacLemon
nginx.org at maclemon.at
Sat Dec 14 20:12:55 UTC 2013
Only when I set `ssl_stapling_verify off;`I can get OCSP stapling to work on my setup. In my experience helps to (re)load the page a few times before testing with SSLLabs to give the server time to fetch the OCSP response.
Best regards
MacLemon
On 14.12.2013, at 08:06, justin <nginx-forum at nginx.us> wrote:
> According to ssllabs.com SSL OCSP stapling is not enabled, even though I
> have the following in my http block:
>
> ssl_stapling on;
> ssl_stapling_verify on;
> ssl_trusted_certificate /etc/pki/tls/certs/ca-bundle.trust.crt;
> resolver 8.8.4.4 8.8.8.8 valid=600s;
> resolver_timeout 15s;
>
> Any idea why? Here is my full ssllabs.com report:
> https://www.ssllabs.com/ssltest/analyze.html?d=commando.io
More information about the nginx
mailing list