
OCSP stapling is supported by every current server and client, takes a few minutes to enable, and pays off twice: clients no longer have to make their own round trip to the CA's OCSP responder before trusting your certificate, so the handshake completes sooner, and the CA no longer learns which of your sites each visitor is connecting to.

How it works

Publicly trusted TLS certificates, whether issued by GeoTrust, Comodo or any other CA, must give clients a way to learn that a certificate has been revoked before its expiry date. Traditionally this was the Certificate Revocation List (CRL): the certificate's CRL Distribution Points extension lists one or more URLs, the client downloads the list and checks whether the certificate's serial number appears on it. A certificate can be revoked for several reasons (the reason code is recorded with the CRL entry); key compromise is the most serious, but a change of affiliation or a mis-issuance by the CA ends up on the same list. In every case, chain-of-trust validation fails.

CRLs work, but a list grows with every revocation and has to be fetched and parsed in full, so each client pays the download time, and when the CRL endpoint is slow or cannot be resolved, validation either stalls or silently passes ("soft fail"). The Online Certificate Status Protocol (OCSP, RFC 6960) replaced the bulk download with a per-certificate query: the client sends the serial number to the responder URL found in the certificate's Authority Information Access extension and receives a small, signed, time-stamped answer of good, revoked or unknown. That still costs every client a round trip to the CA before the first byte of your page, and it tells the CA which site the client is visiting.

OCSP stapling (the TLS status_request extension, RFC 6066) flips the model on its head. Instead of each client asking the CA, the server queries the responder periodically, caches the signed response, and hands it to the client inside the TLS handshake alongside the certificate: in the CertificateStatus message in TLS 1.2 and earlier, and as an extension on the Certificate message in TLS 1.3. The client verifies the responder's signature and checks that the current time falls between the response's thisUpdate and nextUpdate, with no additional network call. The server cannot forge a response, because it is signed by the CA or by a responder certificate the CA delegated, and it cannot keep replaying a stale one once nextUpdate has passed.


OCSP Stapling in Nginx

If nginx terminates TLS as a reverse proxy in front of your application servers, that is the one place to make this change. The backend servers never present the public certificate to clients and need no stapling configuration of their own.

You’ll want to set two configuration directives inside your server block for each virtual host.

As a best practice, reusable configuration like this lives in /etc/nginx/snippets/ (the Debian and Ubuntu convention), so that it can be included from several virtual hosts.

Let’s assume you already keep a baseline SSL/TLS configuration that you use in all of your virtual hosts in /etc/nginx/snippets/ssl.conf. Alongside it, create /etc/nginx/snippets/ocsp.conf containing the following two lines:

ssl_stapling on;
ssl_stapling_verify on;

Two things these directives depend on are easy to miss. nginx has to resolve the responder hostname taken from the certificate's Authority Information Access extension, so a resolver directive must be in scope; and with ssl_stapling_verify on it checks the responder's signature against the issuer and root certificates, which nginx requires you to supply with ssl_trusted_certificate. Without either, stapling fails quietly and clients simply receive no staple.

In /etc/nginx/snippets/myconfig.conf, add the two includes:

include /etc/nginx/snippets/ssl.conf;
include /etc/nginx/snippets/ocsp.conf;

By organizing your configuration in this way, you only have to add one line at the top of each of your virtual hosts to take advantage of the server-wide configuration:

include /etc/nginx/snippets/myconfig.conf;
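Because a half-configured staple fails silently, it is worth checking the resolved configuration for the prerequisites before reloading. The script below is an added example, not part of the original guide or of nginx itself: it lints the text that `nginx -T` prints for the two dependencies described above. The two embedded configurations are constructed samples, the first being the bare two-directive version from this guide and the second the same server with the missing pieces added; the certificate paths and the 127.0.0.53 resolver (systemd-resolved's stub) are assumptions you would replace with your own.

```shell
#!/bin/sh
# Added example: lint an nginx configuration for the prerequisites that
# `ssl_stapling on; ssl_stapling_verify on;` silently depend on.
# Feed it the fully resolved configuration, e.g.:
#   lint_nginx_stapling "$(nginx -T 2>/dev/null)"
# Prints one WARN line per problem and returns the number of problems.

has_directive() {
    # $1 = config text, $2 = extended regex matched at the start of a line
    printf '%s\n' "$1" | grep -Eq "^[[:space:]]*$2"
}

lint_nginx_stapling() {
    cfg=$1
    problems=0
    if ! has_directive "$cfg" 'ssl_stapling[[:space:]]+on;'; then
        echo "INFO: ssl_stapling is not enabled"
        return 0
    fi
    # The responder URL in the certificate's AIA extension is a hostname;
    # without a resolver nginx cannot look it up and never fetches a staple.
    if ! has_directive "$cfg" 'resolver[[:space:]]'; then
        echo "WARN: ssl_stapling on, but no resolver directive"
        problems=$((problems + 1))
    fi
    # With ssl_stapling_verify on, nginx validates the responder's signature
    # against the issuer/root chain in ssl_trusted_certificate; without it
    # the response fails verification and is dropped.
    if has_directive "$cfg" 'ssl_stapling_verify[[:space:]]+on;' &&
       ! has_directive "$cfg" 'ssl_trusted_certificate[[:space:]]'; then
        echo "WARN: ssl_stapling_verify on, but no ssl_trusted_certificate"
        problems=$((problems + 1))
    fi
    if [ "$problems" -eq 0 ]; then
        echo "OK: stapling prerequisites present"
    fi
    return "$problems"
}

# Constructed samples standing in for (abridged) `nginx -T` output.
# The two-directive version from this guide, missing its prerequisites:
NGINX_INCOMPLETE='server {
    listen 443 ssl;
    ssl_certificate     /etc/ssl/example/fullchain.pem;   # assumed path
    ssl_certificate_key /etc/ssl/example/privkey.pem;     # assumed path
    ssl_stapling on;
    ssl_stapling_verify on;
}'

# The same server with the prerequisites added:
NGINX_COMPLETE='server {
    listen 443 ssl;
    ssl_certificate         /etc/ssl/example/fullchain.pem;  # assumed path
    ssl_certificate_key     /etc/ssl/example/privkey.pem;    # assumed path
    ssl_trusted_certificate /etc/ssl/example/chain.pem;      # issuer + root
    resolver 127.0.0.53 valid=300s;   # assumed: systemd-resolved stub
    resolver_timeout 5s;
    ssl_stapling on;
    ssl_stapling_verify on;
}'

# Lint the live configuration only when asked (needs nginx on PATH):
#   LINT_LIVE=1 sh lint-stapling.sh
if [ -n "${LINT_LIVE:-}" ]; then
    lint_nginx_stapling "$(nginx -T 2>/dev/null)"
fi
```

Run against the incomplete sample it reports both warnings and exits with status 2; against the complete one it prints the OK line and exits 0, so the same function works as a pre-reload gate in a deployment script.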





OCSP Stapling in Apache

In modern versions of Apache (stapling has been available since httpd 2.3.3, released in 2010), add the following to /etc/apache2/mods-available/ssl.conf on Debian and Ubuntu (the equivalent on RHEL-family systems is /etc/httpd/conf.d/ssl.conf), outside any <VirtualHost> block, since SSLStaplingCache is only valid at the global level:

SSLUseStapling On
SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ssl_stapling(32768)

This enables OCSP stapling for every TLS virtual host. mod_ssl needs the issuer certificate to build its OCSP request, so make sure the intermediate chain is configured (SSLCertificateChainFile, or appended to the file named by SSLCertificateFile on 2.4.8 and later). Consider also setting SSLStaplingReturnResponderErrors off, so that a responder outage ("tryLater") is not stapled to your clients. Then run apachectl configtest and reload.


OCSP Stapling in IIS

IIS has supported OCSP stapling since IIS 7 on Windows Server 2008, and it is on by default for sites bound to their own IP address or port. There is, however, one huge gotcha: when several sites share a port through SNI bindings, Schannel does not staple for them unless the following registry value is set:

HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\EnableOcspStaplingForSni (REG_DWORD) = 1

Create it with the following PowerShell command from an elevated prompt, then restart the server so Schannel picks up the change:

New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\" -Name "EnableOcspStaplingForSni" -PropertyType DWord -Value 1





Verifying OCSP Stapling is enabled

You can verify that OCSP stapling is working by issuing:

openssl s_client -connect yourserver.something.com:443 -servername yourserver.something.com -status </dev/null

The -servername option sends SNI, which matters for any host that shares its port with other sites (and is exactly the case the IIS registry value above addresses); -status asks the server for the status_request extension and prints whatever it staples. Do not add -tls1, as older versions of this guide did: that forces TLS 1.0, which most servers now refuse, and the handshake fails before any staple can be seen.

In the output, look for the "OCSP response:" block and within it "OCSP Response Status: successful" and "Cert Status: good". The line "OCSP response: no response sent" means the server is not stapling. With nginx, run the command twice: nginx fetches its first OCSP response asynchronously after the first handshake, so the first connection after a (re)start commonly shows no staple while the second one does.
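To make that check repeatable from a deployment pipeline or a monitoring job, the script below classifies the s_client output instead of leaving it to a human to read. It is an added example, not part of the original guide or of OpenSSL: the sample outputs embedded in it are constructed, abridged to the lines the classifier looks at, so that it can be exercised offline; the OCSP_HOST and OCSP_PORT environment variables that switch on the live probe are this example's own convention.

```shell
#!/bin/sh
# Added example: classify what `openssl s_client -status` reports about
# OCSP stapling, so the check can run unattended.
# check_staple takes the s_client output as its argument and prints one of:
#   good | revoked | unknown | responder-error | no-staple | connect-failed

check_staple() {
    # Order matters: a successful staple always carries a "Cert Status:"
    # line; a staple with an "OCSP Response Status:" but no certificate
    # status is a responder error (e.g. "tryLater (0x3)") relayed by the
    # server; anything else that is non-empty is a handshake with no staple.
    case "$1" in
        "")                                  echo connect-failed ;;
        *"OCSP response: no response sent"*) echo no-staple ;;
        *"Cert Status: good"*)               echo good ;;
        *"Cert Status: revoked"*)            echo revoked ;;
        *"Cert Status: unknown"*)            echo unknown ;;
        *"OCSP Response Status:"*)           echo responder-error ;;
        *)                                   echo no-staple ;;
    esac
}

# Extract the response's nextUpdate, after which clients reject the staple.
staple_next_update() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*Next Update: //p' | head -n 1
}

# Live probe: connect, classify, report, and succeed only on "good".
probe_stapling() {
    host=$1
    port=${2:-443}
    # -servername sends SNI so a host sharing its port gets the right
    # certificate (and, on IIS, its staple); -status asks for the
    # status_request extension; stdin from /dev/null lets s_client exit.
    out=$(openssl s_client -connect "$host:$port" -servername "$host" -status \
          </dev/null 2>/dev/null || true)
    status=$(check_staple "$out")
    next=$(staple_next_update "$out")
    echo "$host:$port $status${next:+ (next update: $next)}"
    [ "$status" = good ]
}

# Constructed samples, abridged to the shape of real s_client output,
# for exercising check_staple offline.
SAMPLE_GOOD='OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Cert Status: good
    This Update: Jan  1 00:00:00 2019 GMT
    Next Update: Jan  8 00:00:00 2019 GMT
======================================'
SAMPLE_NONE='OCSP response: no response sent'
SAMPLE_TRYLATER='OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: tryLater (0x3)
======================================'

# Live usage (network):  OCSP_HOST=www.example.com sh ocsp-check.sh
# Probe twice: nginx fetches its first OCSP response asynchronously after
# the first handshake, so the first probe after a (re)start usually
# reports no-staple while the second shows the staple.
if [ -n "${OCSP_HOST:-}" ]; then
    probe_stapling "$OCSP_HOST" "${OCSP_PORT:-443}" >/dev/null || sleep 2
    probe_stapling "$OCSP_HOST" "${OCSP_PORT:-443}"
fi
```

The exit status of probe_stapling is 0 only for a stapled "good" response, so the script doubles as a check that fails a deployment when stapling is misconfigured, and the reported next update is the moment at which an unrefreshed staple would start being rejected by clients.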


Alternatively, the free Qualys SSL Labs server test reports, among many other things, whether OCSP stapling is enabled: www.ssllabs.com/ssltest/


Author: Jeremy Schatten
Published:
Last Modified: 01-05-2019
