Lnxgeek.org Wiki - Freedom of choice, I choose Freedom

User Tools

Site Tools

You are here: start » howtos » check_if_ocsp_stapling_works
howtos:check_if_ocsp_stapling_works

Simply run the following command and if it work it would look like this: 

openssl s_client  -connect play.tv2.dk:443 -status|grep -i ocsp

depth=1 /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA
verify error:num=20:unable to get local issuer certificate
verify return:0
OCSP response:
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
        Subject: CN=RapidSSL SHA256 CA OCSP Responder
            OCSP No Check:
                OCSP Signing

If it doesn't work or doesn't support OCSP stapling the response would be like this: 

openssl s_client  -connect xxx.dk:443 -status|grep -i ocsp
depth=2 /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
verify error:num=20:unable to get local issuer certificate
verify return:0
OCSP response: no response sent
howtos/check_if_ocsp_stapling_works.txt · Last modified: 02/12/2018 21:34 by 127.0.0.1