Hello, i have server with SSL certs for server itself and for one Domain.
I noticed that SSL stapling is not working:
Is it supposed to be somewhere in the includes, or is it not implemented at all?
I would like to get OCSP stapling going, because it allows the TLS server to include a recent OCSP response in the TLS handshake so that the client doesn't have to perform its own check. This also reduces load on the OCSP server.
Server version: Apache/2.4.6 (Unix)
Cpanel::Easy::Apache v3.22.6 rev9999
OpenSSL 1.0.0-fips 29 Mar 2010
CENTOS 6.4 x86_64 virtuozzo
Thanks,
Simon.
I noticed that SSL stapling is not working:
When checking httpd.conf i see:[Sat Oct 12 18:59:19.188117 2013] [ssl:error] [pid 2113] AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
[Sat Oct 12 18:59:19.188218 2013] [ssl:error] [pid 2113] AH02235: Unable to configure server certificate for stapling
The SSLCACertificateFile directive, which should point to the .pem Cert file is not there.SSLUseStapling on
SSLStaplingCache shmcb:/usr/local/apache/logs/stapling_cache_shmcb(256000)
SSLSessionCache shmcb:/usr/local/apache/logs/ssl_gcache_data_shmcb(1024000)
Is it supposed to be somewhere in the includes, or is it not implemented at all?
I would like to get OCSP stapling going, because it allows the TLS server to include a recent OCSP response in the TLS handshake so that the client doesn't have to perform its own check. This also reduces load on the OCSP server.
Server version: Apache/2.4.6 (Unix)
Cpanel::Easy::Apache v3.22.6 rev9999
OpenSSL 1.0.0-fips 29 Mar 2010
CENTOS 6.4 x86_64 virtuozzo
Thanks,
Simon.
Last edited: