I'm also seeing this, in nginx 1.8.0. I have several vhosts using SSL, but only one using OCSP stapling. If I disable all the other servers using SSL then OCSP stapling works. If this is by design then it should be mentioned on the documentation page for the SSL module[0].
Regards, Alan [0] http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling On Sun, Aug 23, 2015 at 11:29 PM, <[email protected]> wrote: > Update; > > it all works now. once i enabled ocsp stapling for ALL of my virtual > domains, they then all began reporting correct results. > > - fabe > > > > > On 2015-08-23 09:55, Fabian Santiago wrote: > >> Thanks. >> >> It does. >> >> Test produces no results. >> >> Not working on ssllabs (no result). >> >> I'm clueless. I've seen mention out on the web about making sure you >> define ocsp for the default site or none else will work. I also make >> use of sni as I only have one ip address. >> >> I have no truly "default" site configured. >> >> Could be related? I am new to nginx so I'm still learning lots. Thanks >> again. >> >> -- >> >> Fabe >> >> >> On Aug 23, 2015, at 4:00 AM, biazus <[email protected]> wrote: >>> >>> Config files seems to be OK. Just make sure "ssl_trusted_certificate" >>> contais the intermediate & root certificates (in that order from top to >>> bottom). >>> >>> You can test with the following command: >>> >>> echo QUIT | openssl s_client -connect yourhost.com:443 -status 2> >>> /dev/null >>> | grep -A 17 'OCSP response:' | grep -B 17 'Next Update' >>> >>> good luck >>> >>> Posted at Nginx Forum: >>> http://forum.nginx.org/read.php?2,261177,261185#msg-261185 >>> >>> _______________________________________________ >>> nginx mailing list >>> [email protected] >>> http://mailman.nginx.org/mailman/listinfo/nginx >>> >> >> _______________________________________________ >> nginx mailing list >> [email protected] >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > _______________________________________________ > nginx mailing list > [email protected] > http://mailman.nginx.org/mailman/listinfo/nginx > -- Alan Orth [email protected] https://alaninkenya.org https://mjanja.ch "In heaven all the interesting people are missing." -Friedrich Nietzsche GPG public key ID: 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
