Lnxgeek.org Wiki - Freedom of choice, I choose Freedom

User Tools

Site Tools

You are here: start » howtos » check_if_ocsp_stapling_works
howtos:check_if_ocsp_stapling_works
no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


howtos:check_if_ocsp_stapling_works [02/12/2018 21:34] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +Simply run the following command and if it work it would look like this:
  
 +<code>
 +openssl s_client  -connect play.tv2.dk:443 -status|grep -i ocsp
 +
 +depth=1 /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA
 +verify error:num=20:unable to get local issuer certificate
 +verify return:0
 +OCSP response:
 +OCSP Response Data:
 +    OCSP Response Status: successful (0x0)
 +    Response Type: Basic OCSP Response
 +        Subject: CN=RapidSSL SHA256 CA OCSP Responder
 +            OCSP No Check:
 +                OCSP Signing
 +
 +</code>
 +
 +If it doesn't work or doesn't support OCSP stapling the response would be like this:
 +
 +<code>
 +
 +openssl s_client  -connect xxx.dk:443 -status|grep -i ocsp
 +depth=2 /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 +verify error:num=20:unable to get local issuer certificate
 +verify return:0
 +OCSP response: no response sent
 +</code>
howtos/check_if_ocsp_stapling_works.txt · Last modified: 02/12/2018 21:34 by 127.0.0.1