OCSP Stapling
OCSP Stapling OCSP stands for Online Certificate Status Protocol. It is a tool to check the certificate status in real-time. When a user visits your site, an OCSP request is generally made to the Certificate Authority that issued the SSL certificate. This is done to verify the SSL certificate hasn’t been revoked. Since this check is done in real-time it can create a short delay. This is where OCSP stapling comes in. In short, OCSP stapling saves the results of
How to add a TXT record to DNS
You will need to add a so-called TXT record to continue DNS verification while generating an SSL certificate with Let’s Encrypt by Really Simple SSL. We will explain how this is done, in some cases your hosting environment might look different, but the responding fields should be similar. If Really Simple SSL shows the following… Go to your hosting provider and choose DNS zone, DNS settings, etc to show a list of DNS records. Add a new TXT record and
Install a free SSL Certificate with Really Simple Security
You can use Really Simple Security to generate (and install) a free Let’s Encrypt SSL certificate on your WordPress website. Note: your hosting provider may prevent the manual installation of a third-party SSL certificate. Most commonly when the host also offer free SSL generation directly in their Hosting Control Panel. Some hosts only provide you with paid SSL certificate options. The Let’s Encrypt Wizard Really Simple Security skips the Let’s Encrypt Wizard if a valid SSL certificate is detected. If,
MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING
MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING This is an uncommon error which can occur when there’s an issue with OCSP stapling on your webserver. It happens when OCSP stapling is required, but not available. We recommend to contact your hosting provider about this issue, they will be able to enable OCSP stapling which will fix the issue. The other reason this error can occur is if you are behind a proxy. If that is the case, you can try the following to access the site:
Protect SSL generation directories
Protect SSL generation directories this warning occurs when your SSL certificate files aren’t protected. This happens when Really Simple SSL has created an ssl/certs and ssl/keys directory in your websites root folder. The public certificate (*.crt) being available is not an issue, it’s the private key (*.key) file that needs to be protected. To fix this issue, you can modify the file permissions to 644 for the .crt file and 600 for the .key file. You might have to ask your hosting provider