>> Yes, I ran the s_client command multiple times to account for the nginx
>> responder delay. I was testing OCSP stapling on just one of my domains.
>> Then I read that the 'default_server' SSL server also has to have OCSP
>> stapling enabled for vhost OCSP stapling to work:
>>
>> https://gist.github.com/konklone/6532544
>
>There is no such a requirement.
I have the same problem here.
openssl s_client -servername ${WEBSITE} -connect ${WEBSITE}:443 -tls1
-tlsextdebug -status|grep OCSP
Always returns the following on all virtual hosts no matter on how many
times I try:
OCSP response: no response sent
But as soon that I disable my self-signed default host and restart Nginx, I
get a successfull repsonse on the second request on all CA signed hosts:
OCSP Response Status: successful (0x0)
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,257833,257974#msg-257974
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
