How to enable ocsp? #14
Comments
|
Just copy the code from https://github.com/indutny/ocsp#cache. I've const https = require('https');
const ocsp = require('ocsp');
// Create cache for OCSP (it'll be used to respond to OCSP stapling requests)
var cache = new ocsp.Cache();
// Create your HTTPS server
var server = https.createServer({
cert: cert, // Your cert
key: key // Your private key
}, function(req, res) {
res.end('hello world'); // Your request handling and response
});
/*
* This block below responds to OCSP sapling requests
* 1. It gets OCSP URI for your certificate
* 2. Checks if there is a valid cached response
* 3. Sends cached response OR queries OCSP server (using OCSP URI) to get a response
*/
server.on('OCSPRequest', function(cert, issuer, cb) {
ocsp.getOCSPURI(cert, function(err, uri) {
if (err) return cb(err);
if (uri === null) return cb();
var req = ocsp.request.generate(cert, issuer);
cache.probe(req.id, function(err, cached) {
if (err) return cb(err);
if (cached !== false) return cb(null, cached.response);
var options = {
url: uri,
ocsp: req.data
};
cache.request(req.id, options, cb);
});
});
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sorry, noob here. I made a test on ssllabs.com and this says "OCSP stapling No"
What do i need to make it pass? Cache? Server? I don't fully understand what ssllabs tests here
The text was updated successfully, but these errors were encountered: