Is it possible to enable OCSP Stapling?

Follow

Comments

4 comments

  • Avatar
    Lars Doe

    "it has to be assigned an IP"

    This doesn't seem to be necessary. I also didn't put the "SSLUseStapling" into the domain's additional directives, but into the same file as the "SSLStaplingCache".

    Test with SNI (-servername) is crucial:

    echo QUIT | openssl s_client -connect example.com:443 -servername example.com -status 2> /dev/null | grep -A 17 'OCSP'

     

  • Avatar
    Alexandr Shadrin

    Hello @Lars Doe.

     

    Thank you very much for the feedback, the I have made some adjustments to the article based on it.

  • Avatar
    Cfaessler

    Dear Plesk Supporter

    This seems to be a tutorial for CentOS.
    We have servers that use Debian.

    What is the equivalent for " /etc/httpd/conf.d/ssl.conf " in the directory " /etc/apache2/conf.d/ " if there is no file ssl.conf ?

    Best regards

    Cyrill Fässler
    System Operator

    hosttech GmbH

  • Avatar
    Alexandr Shadrin

    Hello @Cfaessler.

    As far as I can see, on Debian it should be /etc/apache2/mods-enabled/ssl.conf file.

Please sign in to leave a comment.

Have more questions? Submit a request