Nope.Yes, it works for you.
I don't know what's wrong with my server.
Did you modify some rules in your csf for this to work?
I guess centmin mod default csf rules are strict.
# openssl s_client -connect phcorner.net:443 -status -tls1_2 | grep OCSP
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Autho rity
verify error:num=19:self signed certificate in certificate chain
verify return:0
OCSP response:
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Responder Id: C = IL, O = StartCom Ltd. (Start Commercial Limited), CN = StartCom Class 1 Server OCSP Sig ner
Subject: C=IL, O=StartCom Ltd. (Start Commercial Limited), CN=StartCom Class 1 Server OCSP Signer
OCSP Signing, OCSP No Check
What do you mean by this?I have a Verified Organization cert.
http://www.startssl.com/?app=40What do you mean by this?
Id this paid to achieve ?
2 years. You pay $59 more when you upgrade to Org verified. You don't need unless you are a registered company that does business with clients.OK, $59 for how many years?
Do you think I'm just fine on the Free plan?![]()
Is not working. You think it works because is not verified, but is wrong.I change:
ssl_stapling_verify on;
to
ssl_stapling_verify off;
It works now.
We use essential cookies to make this site work, and optional cookies to enhance your experience.