OCSP \u6280\u672f\u53ef\u4ee5\u8ba9\u5ba2\u6237\u7aef\u901a\u8fc7\u670d\u52a1\u5668\u83b7\u53d6\u8bc1\u4e66\u662f\u5426\u6709\u6548\uff0c\u4e0d\u5fc5\u8bf7\u6c42CA\u7b7e\u53d1\u673a\u6784\uff0c\u63d0\u4f9b\u54cd\u5e94\u901f\u5ea6\u3002<\/p>\n
\u5b83\u662f\u5982\u4f55\u5de5\u4f5c\u7684<\/b><\/p>\n
\u7531\u8bc1\u4e66\u9881\u53d1\u673a\u6784(\u5982GeoTrust\u6216Comodo) \u751f\u540a\u9500\u5217\u8868 \uff08crl\uff09\u3002\u5f53\u5ba2\u6237\u7aef\u53d1\u51fa\u9a8c\u8bc1\u4fe1\u4efb\u94fe\u7684\u8bf7\u6c42\u65f6\uff0c\u6b64\u8fc7\u7a0b\u4e2d\u7684\u4e00\u4e2a\u6b65\u9aa4\u662f\u4ece\u670d\u52a1\u5668\u7684x509\u8bc1\u4e66\u4e2d\u63d0\u53d6crl\u5730\u5740\u83b7\u53d6\u540a\u9500\u6570\u636e\uff0c\u67e5\u8be2\u8bc1\u4e66\u7684\u552f\u4e00\u7f16\u7801\u662f\u5426\u5df2\u52a0\u5165CRL\u6587\u4ef6\u4e2d\uff0c\u5982\u679c\u8bc1\u4e66\u5728\u540a\u9500\u5217\u8868\uff0c\u8bc1\u4e66\u9a8c\u8bc1\u5931\u8d25\u3002\u4f46\u662f\u540c\u65f6\u4f7f\u7528\u4e86\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u7684\u5927\u91cf\u5e26\u5bbd\u3002\u8fd9\u5c06\u4e3a\u7528\u6237\u5e26\u6765\u66f4\u957f\u7684\u52a0\u8f7d\u65f6\u95f4\u3002OCSP Stapling \u6280\u672f\u2014\u2014\u5ba2\u6237\u7aef\u4e0d\u518d\u5411CA\u5efa\u7acb\u8fde\u63a5\uff0c\u670d\u52a1\u5668\u53ea\u662f\u5468\u671f\u6027\u5730\u5411OCSP\u670d\u52a1\u5668\u67e5\u8be2\u7b7e\u540d\u7684\u3001\u6709\u65f6\u95f4\u6233\u7684\u54cd\u5e94\uff0c\u5e76\u5c06\u5176\u9644\u52a0\u5230\u8bc1\u4e66\u4e0a\u3002\u8fd9\u4e2a\u54cd\u5e94\u5c06\u4f20\u9012\u7ed9\u5ba2\u6237\u7aef\uff0c\u5ba2\u6237\u7aef\u53ef\u4ee5\u52a8\u6001\u5730\u9a8c\u8bc1\u5b83\uff0c\u800c\u4e0d\u9700\u8981\u989d\u5916\u7684\u7f51\u7edc\u8c03\u7528\u3002<\/p>\n
Nginx<\/b><\/p>\n Apache<\/b><\/p>\n IIS\u00a0 \u00a0WIN 2008 R2+ \u4ee5\u4e0a\u7248\u672c\u624d\u652f\u6301OCSP<\/b><\/p>\n IIS 7\u00a0 \/ Server 2008. \u5982\u679c\u591a\u4e2a\u8bc1\u4e66\u5171\u4eab\u4e00\u4e2a\u7aef\u53e3\uff0c\u9700\u8981\u6dfb\u52a0\u6ce8\u518c\u8868<\/p>\n PowerShell<\/p>\n OCSP \u6280\u672f\u53ef\u4ee5\u8ba9\u5ba2\u6237\u7aef\u901a\u8fc7\u670d\u52a1\u5668\u83b7\u53d6\u8bc1\u4e66\u662f\u5426\u6709\u6548\uff0c\u4e0d\u5fc5\u8bf7\u6c42CA\u7b7e\u53d1\u673a\u6784\uff0c\u63d0\u4f9b\u54cd\u5e94\u901f\u5ea6\u3002 \u5b83\u662f\u5982\u4f55\u5de5\u4f5c\u7684 \u7531\u8bc1\u4e66\u9881\u53d1\u673a\u6784(\u5982GeoTrust\u6216Comodo) \u751f\u540a\u9500\u5217\u8868 \uff08crl\uff09\u3002\u5f53\u5ba2\u6237\u7aef\u53d1\u51fa\u9a8c\u8bc1\u4fe1\u4efb\u94fe\u7684\u8bf7\u6c42\u65f6\uff0c\u6b64\u8fc7 …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[],"class_list":["post-171","post","type-post","status-publish","format-standard","hentry","category-faq"],"_links":{"self":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/posts\/171","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/comments?post=171"}],"version-history":[{"count":0,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/posts\/171\/revisions"}],"wp:attachment":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/media?parent=171"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/categories?post=171"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/tags?post=171"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}ssl_stapling on;\r\nssl_stapling_verify on;<\/pre>\n
SSLUseStapling On\r\nSSLStaplingCache shmcb:logs\/ssl_stapling(32768)<\/pre>\n
HKLM\\System\\CurrentControlSet\\Control\\SecurityProviders\\Schannel\\\r\nEnableOcspStaplingForSni value 1<\/pre>\n
New-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\\" -Name \"EnableOcspStaplingForSni\" -PropertyType DWord -Value 1<\/pre>\n","protected":false},"excerpt":{"rendered":"