OCSP Stapling is a performance optimization for TLS certificate validation that can make your website load significantly faster for users.
Let’s see it in action. Imagine a user’s browser needs to connect to your web server. Typically, the browser will fetch your server’s certificate and then, separately, contact the Certificate Authority (CA) that issued your certificate to verify its status. This means an extra network hop, and if the CA’s OCSP responder is slow or unavailable, the user’s connection grinds to a halt.
With OCSP Stapling, your web server proactively obtains the OCSP (Online Certificate Status Protocol) response from the CA for its own certificate. It then "staples" this signed, time-stamped response directly to the certificate it presents to the client during the TLS handshake.
Here’s how it works internally:
- Server-side OCSP Fetch: Your web server, configured for OCSP Stapling, periodically queries the OCSP responder of its issuing CA. It requests the status of its own certificate.
- Response Caching: The CA’s OCSP responder signs and returns a status response (e.g., "good," "revoked"). Your web server caches this response locally. The response has a limited validity period.
- TLS Handshake: When a client initiates a TLS connection to your server, your server sends its certificate along with the cached OCSP response.
- Client-side Verification: The client receives the certificate and the stapled OCSP response. It can then verify the certificate’s status without needing to contact the CA itself. This eliminates the extra network hop to the OCSP responder.
The primary problem OCSP Stapling solves is the performance bottleneck caused by clients independently querying OCSP responders. This is especially critical for mobile users or those on high-latency networks. By offloading this verification step to the server and delivering it as part of the handshake, you significantly reduce the time to establish a secure connection.
Let’s look at Nginx configuration. To enable OCSP Stapling, you’ll typically add these directives to your server block, alongside the ssl_certificate and ssl_certificate_key directives:
```nginx
server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # OCSP Stapling directives
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem; # Often the same as ssl_certificate, but can be just the chain
    resolver 8.8.8.8 8.8.4.4 valid=300s; # Use your preferred DNS resolvers
    resolver_timeout 5s;
}
```
The ssl_stapling on; directive enables the feature. ssl_stapling_verify on; tells Nginx to perform basic validation of the stapled OCSP response itself, ensuring it’s not expired and is signed by the correct authority. ssl_trusted_certificate is crucial; it should contain the intermediate certificates that Nginx will use to verify the signature on the OCSP response. This is often the same file as your ssl_certificate (the fullchain.pem), but it’s good practice to be explicit.
The resolver and resolver_timeout directives are essential because Nginx needs to be able to resolve the hostnames of the OCSP responders to fetch the responses. Without them, Nginx wouldn’t know where to ask for the OCSP data. Using public DNS servers like Google’s (8.8.8.8, 8.8.4.4) is common, but you can use your own internal DNS servers if they are reliable and have good external connectivity. valid=300s means Nginx will cache DNS lookups for 300 seconds.
The secret sauce for OCSP stapling is the ssl_trusted_certificate directive. While it’s often the same file as your ssl_certificate (which contains your server cert and intermediates), its purpose here is to provide the chain of trust that Nginx uses to validate the OCSP response’s signature. If this chain is incomplete or incorrect, Nginx won’t be able to trust the stapled response, and the stapling will fail silently or, worse, lead to validation errors. The OCSP response itself is signed by the CA’s intermediate certificate, and Nginx needs the corresponding root and intermediate certificates to verify that signature.
When clients encounter a web server with OCSP Stapling enabled, they typically see a faster connection establishment. Tools like Qualys SSL Labs will report this optimization positively, indicating "Yes" for OCSP Stapling.
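Before relying on an external scanner, you can check a server yourself with `openssl s_client -status`, which prints the stapled response (or "no response sent") during the handshake. The script below is an added example, not code from the original post or from Nginx: it parses that command's output and reports whether a response was stapled, whether the responder said "good", and whether the response's This Update / Next Update window covers the current time, so an expired or soon-to-expire cached response is flagged. The embedded sample outputs are constructed (the responder name, hashes and serial are placeholders), and the function and helper names are my own.

```python
import re
import sys
from datetime import datetime, timedelta, timezone

# Constructed sample of `openssl s_client -connect host:443 -status` output for a
# server that staples a "good" response. Responder, hashes and serial are placeholders.
STAPLED_GOOD = """\
CONNECTED(00000003)
OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = US, O = Example CA, CN = Example Intermediate
    Produced At: Jan  1 12:00:00 2024 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 0000000000000000000000000000000000000000
      Issuer Key Hash: 0000000000000000000000000000000000000000
      Serial Number: 0123456789ABCDEF
    Cert Status: good
    This Update: Jan  1 12:00:00 2024 GMT
    Next Update: Jan  8 12:00:00 2024 GMT
======================================
"""

# Constructed sample for a server that does not staple (stapling off, or the fetch failed).
NOT_STAPLED = """\
CONNECTED(00000003)
OCSP response: no response sent
"""

OPENSSL_TIME = "%b %d %H:%M:%S %Y GMT"


def utc_date(year, month, day, hour=0):
    """Build an aware UTC datetime; used to pin 'now' in checks and tests."""
    return datetime(year, month, day, hour, tzinfo=timezone.utc)


def _field(pattern, text):
    m = re.search(pattern, text, re.M)
    return m.group(1).strip() if m else None


def _parse_time(value):
    # OpenSSL pads single-digit days with two spaces ("Jan  1"); collapse them first.
    return datetime.strptime(" ".join(value.split()), OPENSSL_TIME).replace(tzinfo=timezone.utc)


def check_stapled_response(s_client_output, now=None, refresh_margin=timedelta(hours=24)):
    """Summarize the stapled OCSP response found in `openssl s_client -status` output.

    Returns a dict with keys: stapled, response_status, cert_status, valid_now, problems.
    `problems` is empty only when a fresh, successful, "good" response was stapled.
    """
    now = now or datetime.now(timezone.utc)
    result = {"stapled": False, "response_status": None, "cert_status": None,
              "valid_now": False, "problems": []}

    if re.search(r"^OCSP response: no response sent", s_client_output, re.M):
        result["problems"].append("server sent no stapled OCSP response")
        return result
    if "OCSP Response Data:" not in s_client_output:
        result["problems"].append("no OCSP response block found in output")
        return result

    result["stapled"] = True
    result["response_status"] = _field(r"^\s*OCSP Response Status: (\w+)", s_client_output)
    result["cert_status"] = _field(r"^\s*Cert Status: (\w+)", s_client_output)
    if result["response_status"] != "successful":
        result["problems"].append("responder status is %r, not 'successful'" % result["response_status"])
    if result["cert_status"] != "good":
        result["problems"].append("certificate status is %r, not 'good'" % result["cert_status"])

    # Freshness: the stapled response is only trustworthy inside its validity window.
    this_update = _field(r"^\s*This Update: (.+)$", s_client_output)
    next_update = _field(r"^\s*Next Update: (.+)$", s_client_output)
    if not this_update or not next_update:
        result["problems"].append("response lacks This Update / Next Update; cannot judge freshness")
        return result
    start, end = _parse_time(this_update), _parse_time(next_update)
    result["valid_now"] = start <= now < end
    if now < start:
        result["problems"].append("response is not yet valid (clock skew?)")
    elif now >= end:
        result["problems"].append("stapled response expired at %s; the server is serving a stale cache" % end.isoformat())
    elif end - now < refresh_margin:
        result["problems"].append("response expires within %s; confirm the server refreshes it" % refresh_margin)
    return result


if __name__ == "__main__":
    # Pipe real output in with:
    #   openssl s_client -connect example.com:443 -servername example.com -status </dev/null
    data = sys.stdin.read() if not sys.stdin.isatty() else STAPLED_GOOD
    for key, value in check_stapled_response(data).items():
        print("%s: %s" % (key, value))
```

Run it with the openssl command from the comment piped in; with no stdin it evaluates the embedded sample. The `-servername` flag matters because a name-based virtual host will only staple the response for the certificate it actually selects. Note that this checks what the server sends, not the signature chain; the signature is what Nginx's ssl_stapling_verify and ssl_trusted_certificate are for on the server side, and the client's own TLS stack still verifies it independently.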
The next step in optimizing TLS is often exploring TLS 1.3 cipher suites and session resumption techniques.