OCSP Stapling: Self-signed or cross signed root CA?

RFL890 · April 5, 2022, 10:33pm

Hi,
I'm looking to set up OCSP stapling with my nginx server on letsencrypt. I was wondering whether to use the self-signed or cross-signed root CA certificate for the ssl_trusted_certificate directive. Thanks.

9peppe · April 5, 2022, 10:51pm

What version of nginx?

If it's recent enough you don't need that directive, just use

ssl_stapling_verify on;

RFL890 · April 5, 2022, 11:00pm

Thanks, this worked

system · May 5, 2022, 11:00pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Will/does the letsencrypt client create a cert chain usable with OCSP stapling? Server	18	25523	January 14, 2016
I am stuck at ssl_trusted_certificate ?; Server	2	1476	June 6, 2018
Howto: OCSP Stapling for NGINX Server	8	38360	May 3, 2016
OCSP Stapling - Nginx Server Server	9	7823	April 29, 2017
OCSP staling in NGINX via Plesk. How to? Server	3	2351	August 12, 2016

OCSP Stapling: Self-signed or cross signed root CA?

Related topics