SSL - OCSP stapling and nginx, rapidssl

Mouth

Well-known member
Does anyone have OCSP stapling active/working on their nginx with rapidssl certificate?

My nginx conf is ...
Code:
        ssl_certificate netrider.net.au.crt;
        ssl_certificate_key netrider.net.au.key;
        add_header Strict-Transport-Security $hsts_header;
        ssl_stapling            on;
        ssl_stapling_verify     on;
        ssl_trusted_certificate rapidssl.pem;

netrider.net.au.crt contains my server certificate
rapidssl.pem contains the intermediary certificate from https://ssl-tools.net/certificates/nakw2x-rapidssl-sha256-ca-g3

My SSLLabs test at https://www.ssllabs.com/ssltest/analyze.html?d=netrider.net.au is still showing OCSP stapling as no.
 
You need to have a resolver configured in there as well

Code:
  resolver 8.8.4.4 8.8.8.8 valid=300s;
  resolver_timeout 10s;
 
Top Bottom