IIS 7 and Above
IIS and OCSP Stapling
Last post May 01, 2020 09:07 AM by Yuk Ding
Apr 30, 2020 11:17 AM|rbreness|LINK
Hello, I have configured my web server for OCSP Stapling by following the steps described in this article: https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings
But I still have two questions:
a) how does the serve receive requests from endpoints to obtain OCSP responses?
b) how does the server fetch OCSP responses to supply to endpoints?
Any help would be greatly appreciated.
May 01, 2020 09:07 AM|Yuk Ding|LINK
When you enable OCSP Stabling, IIS just send a request to the OCSP Server URL and get response body from OCSP server during the SSL handshake. Then IIS send certificate and OCSP status to client side to continue the handshake.
This link may explain how the OCSP works.
Its just a simple web request and get response from request.