User Tools

Site Tools


howtos:check_if_ocsp_stapling_works

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

howtos:check_if_ocsp_stapling_works [d/m/Y H:i] (current)
Line 1: Line 1:
 +Simply run the following command and if it work it would look like this:
  
 +<​code>​
 +openssl s_client ​ -connect play.tv2.dk:​443 -status|grep -i ocsp
 +
 +depth=1 /​C=US/​O=GeoTrust Inc./​CN=RapidSSL SHA256 CA
 +verify error:​num=20:​unable to get local issuer certificate
 +verify return:0
 +OCSP response:
 +OCSP Response Data:
 +    OCSP Response Status: successful (0x0)
 +    Response Type: Basic OCSP Response
 +        Subject: CN=RapidSSL SHA256 CA OCSP Responder
 +            OCSP No Check:
 +                OCSP Signing
 +
 +</​code>​
 +
 +If it doesn'​t work or doesn'​t support OCSP stapling the response would be like this:
 +
 +<​code>​
 +
 +openssl s_client ​ -connect xxx.dk:443 -status|grep -i ocsp
 +depth=2 /​C=US/​O=GeoTrust Inc./​CN=GeoTrust Global CA
 +verify error:​num=20:​unable to get local issuer certificate
 +verify return:0
 +OCSP response: no response sent
 +</​code>​
howtos/check_if_ocsp_stapling_works.txt · Last modified: d/m/Y H:i (external edit)