OCSP Stapling: Self-signed or cross signed root CA?

Hi,
I'm looking to set up OCSP stapling with my nginx server on letsencrypt. I was wondering whether to use the self-signed or cross-signed root CA certificate for the ssl_trusted_certificate directive. Thanks.

2 Likes

What version of nginx?

If it's recent enough you don't need that directive, just use

ssl_stapling_verify on;

5 Likes

Thanks, this worked

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.