Welcome! Log In Create A New Profile

Advanced

ssl stapling verify

Posted by stephan13360 
Forum List Message List New Topic
stephan13360
ssl stapling verify
October 16, 2013 06:01AM
SSL Stapling is working fine for me with just one line:

ssl_stapling on;

The SSL Labs Server Test shows that it is working.
Then i found ssl_stapling_verify in the nginx docs. I know what it is supposed to do but i dont know if it is doing anything. Below is my configuration, as you can see i am using a startcom certificate.

ssl_stapling on;
ssl_trusted_certificate /etc/ssl/startcom.bundle.ca.pem;
ssl_stapling_verify on;

I don't get any errors and it seems to be working. Then i tried changing the ssl_trusted_certificate to something different and was expecting errors from nginx, each time it would get a new OCSP response from the startcom server and tries to verify it. But as long as i give nginx a valid certificate (not from startcom) in ssl_trusted_certificate i don't get any errors.

So my Question is: How do i know that ssl_stapling_verify is actually working?
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 305
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready