Really Simple SSL

OCSP Stapling

OCSP Stapling

OCSP stands for Online Certificate Status Protocol. It is a tool to check the certificate status in real-time. When a user visits your site, an OCSP request is generally made to the Certificate Authority that issued the SSL certificate. This is done to verify the SSL certificate hasn’t been revoked. Since this check is done in real-time it can create a short delay. This is where OCSP stapling comes in. In short, OCSP stapling saves the results of this OCSP check on the webserver. This is then served on each request, improving load time. The saved result is then refreshed in periodic intervals.

However, some browsers and servers do not support OCSP stapling. In this case OCSP stapling can be disabled in the SSL certificate generation process. In the Really Simple SSL wizard, you can do this by enabling the ‘Disable OCSP Stapling’ option:

Mark

Mark

Related articles

Join our mailing list - 8 Tips & Tricks in your inbox over the next 8 weeks!