OCSP STAPLING question

John11

John11

Verified User
Joined
Feb 15, 2022
Messages
12
Location
https://t.me/pump_upp
I have a question for you that I would like confirmation of.

But OCSP Must-Staple: No
He Supports OCSP Stapling: Yes

SERVER SUPPORTS OCSP STAPLING
The server supports OCSP stapling, which allows better verification of the certificate validation status.

So my hoster has added Supports OCSP Stapling, but this hosting apparently doesn't know that you should also enable Must-Staple.

Is this reasoning correct?

But now the question, if a Let's encrypt was already requested, can you turn on the Must-Staple yourself when you request Let's encrypt again.

Does that solve the problem then?
 
John11 said:
I have a question for you that I would like confirmation of.
Click to expand...
Forum search?

OSCP Must Staple

It's an old but still not common feature, but I guess it will grow popularity in future - OSCP Must Staple is an additional instruction bundled inside the TLS certificate which instructs the browser that the server MUST send an OSCP Stapling information. Question: Is there a way to implement...
forum.directadmin.com forum.directadmin.com
 
ikkeben said:
Forum search?

OSCP Must Staple

It's an old but still not common feature, but I guess it will grow popularity in future - OSCP Must Staple is an additional instruction bundled inside the TLS certificate which instructs the browser that the server MUST send an OSCP Stapling information. Question: Is there a way to implement...
forum.directadmin.com forum.directadmin.com
Click to expand...
Thank you for your comment

My suspicion is that the hosting does half the job.

OCSP Stapling may be on, but I don't think it's useful at all if Must-Staple is turned off.

Hence the question, can you enable Must-Staple if you refresh Let's Encrypt so this is what I just don't remember.
 
You must log in or register to reply here.
Back
Top