Ocsp stapling
fsantiago at deviltracks.net
fsantiago at deviltracks.net
Sun Aug 23 20:29:42 UTC 2015
Update;
it all works now. once i enabled ocsp stapling for ALL of my virtual
domains, they then all began reporting correct results.
- fabe
On 2015-08-23 09:55, Fabian Santiago wrote:
> Thanks.
>
> It does.
>
> Test produces no results.
>
> Not working on ssllabs (no result).
>
> I'm clueless. I've seen mention out on the web about making sure you
> define ocsp for the default site or none else will work. I also make
> use of sni as I only have one ip address.
>
> I have no truly "default" site configured.
>
> Could be related? I am new to nginx so I'm still learning lots. Thanks
> again.
>
> --
>
> Fabe
>
>
>> On Aug 23, 2015, at 4:00 AM, biazus <nginx-forum at nginx.us> wrote:
>>
>> Config files seems to be OK. Just make sure "ssl_trusted_certificate"
>> contais the intermediate & root certificates (in that order from top
>> to
>> bottom).
>>
>> You can test with the following command:
>>
>> echo QUIT | openssl s_client -connect yourhost.com:443 -status 2>
>> /dev/null
>> | grep -A 17 'OCSP response:' | grep -B 17 'Next Update'
>>
>> good luck
>>
>> Posted at Nginx Forum:
>> http://forum.nginx.org/read.php?2,261177,261185#msg-261185
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list