ssl_stapling_verify

Syntax:	`ssl_stapling_verify on \| off;`
Default:	`ssl_stapling_verify off;`
Context:	`http`, `server`

This directive appeared in version 1.3.7.

Enables or disables verification of OCSP responses by the server.

For verification to work, the certificate of the server certificate issuer, the root certificate, and all intermediate certificates should be configured as trusted using the ssl_trusted_certificate directive.

Links:

https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling_verify

doc_nginx

2017-02-09 07:09:35

Comments

Popular Articles

ssl_stapling Syntax: ssl_stapling on | off; Default: ssl_stapling off; Context: http, server This directive appeared in version 1.3.7. Enables or di

ssl_stapling_file Syntax: ssl_stapling_file file; Default: — Context: http, server This directive appeared in version 1.3.7. When set, the stapled OCSP r

ssl_stapling_responder Syntax: ssl_stapling_responder url; Default: — Context: http, server This directive appeared in version 1.3.7. Overrides the URL of the

ssl_verify_client Syntax: ssl_verify_client on | off | optional | optional_no_ca; Default: ssl_verify_client off; Context: mail, server This direc

ssl_verify_depth Syntax: ssl_verify_depth number; Default: ssl_verify_depth 1; Context: http, server Sets the verification depth in the client certificat