Online Certificate Status Protocol — OpenSSL Certificate
The Online Certificate Status Protocol (OCSP) is a mechanism for determining whether or not a server certificate has been revoked, and OCSP Stapling is a special form of this in which the server, such as httpd and mod_ssl, maintains current OCSP responses for its certificates and sends them to clients which communicate with the server. FAQ: Digital Certificate Revocation - SSL.com In OCSP stapling: 1. A web server requests and obtains a signed OCSP response for its certificate from an OCSP responder, which can be cached for up to 7 days. 2. The server includes the cached OCSP response along with (or “stapled to”) its certificate in its HTTPS responses to web browsers. 3. OCSP Stapling on Nginx and Apache webserver - MyBlueLinux.COM
Mar 02, 2014
debian - OpenSSL OCSP Responder don't start anymore - Unix
Check TLS certificate revocation with SSL Labs, crt.sh and
Apache Tomcat 10 (10.0.0-M6) - SSL/TLS Configuration How-To