SSL OCSP stapling won't enable

Steve Wilson lists-nginx at
Sun Dec 15 01:37:38 UTC 2013

I'm using startssl for my certificates so had problems with the
ssl_trusted_certificate too.

just using resolver and ssl_stapling on got mine enabled.


Using openssl on the console's helpful too:

openssl s_client -connect \
 -tls1 -tlsextdebug -status < /dev/null| grep OCSP

Not working yet gives "OCSP response: no response sent"

give it time to gather the data and it then gives response data.


On 14/12/2013 20:12, MacLemon wrote:
> Only when I set `ssl_stapling_verify off;`I can get OCSP stapling to work on my setup. In my experience helps to (re)load the page a few times before testing with SSLLabs to give the server time to fetch the OCSP response.
> Best regards
> MacLemon
> On 14.12.2013, at 08:06, justin <nginx-forum at> wrote:
>> According to SSL OCSP stapling is not enabled, even though I
>> have the following in my http block:
>>  ssl_stapling on;
>>  ssl_stapling_verify on;
>>  ssl_trusted_certificate /etc/pki/tls/certs/;
>>  resolver valid=600s;
>>  resolver_timeout 15s;
>> Any idea why? Here is my full report:
> _______________________________________________
> nginx mailing list
> nginx at

More information about the nginx mailing list