We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

IIS and OCSP StaplingRSS

1 reply

Last post May 01, 2020 09:07 AM by Yuk Ding

  • IIS and OCSP Stapling

    Apr 30, 2020 11:17 AM|rbreness|LINK

    Hello, I have configured my web server for OCSP Stapling by following the steps described in this article: https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings

    But I still have two questions:

    a) how does the serve receive requests from endpoints to obtain OCSP responses?

    b) how does the server fetch OCSP responses to supply to endpoints?

    Any help would be greatly appreciated.

  • Re: IIS and OCSP Stapling

    May 01, 2020 09:07 AM|Yuk Ding|LINK

    Hi rbreness,

    When you enable OCSP Stabling, IIS just send a request to the OCSP Server URL and get response body from OCSP server during the SSL handshake. Then IIS send certificate and OCSP status to client side to continue the handshake.

    This link may explain how the OCSP works.

    https://www.example-code.com/dotnet-core/ocsp_certificate_validation.asp

    Its just a simple web request and get response from request. 

    Best Regards,

    Jokies Ding

    Yuk Ding

    MSDN Community Support
    Please remember to "Mark as Answer" the responses that resolved your issue.