Fortinet black logo

OCSP Stapling Guide

Home FortiADC 5.4.1 OCSP Stapling Guide

Testing OCSP Stapling

5.4.1
6.1.0
5.4.1
5.4.0
5.3.0
Copy Link
Copy Doc ID 3285be51-7ac3-11ea-9384-00505692583a:54322
Download PDF

Testing OCSP Stapling

We have configured OCSP stapling and we want to test whether or not it works. It is easy to check using the openssl s_client command:

Use OPENSSL

openssl s_client -connect yourdomain.com:443 -tlsextdebug –status

In the response, look for the OCSP response:

OCSP response:

======================================

OCSP Response Data:

OCSP Response Status: successful (0x0)

Response Type: Basic OCSP Response

That means the OCSP stapling is working. If you get a response as below, the OCSP stapling is not enabled.

OCSP response: no response sent

Previous
Next

Testing OCSP Stapling

We have configured OCSP stapling and we want to test whether or not it works. It is easy to check using the openssl s_client command:

Use OPENSSL

openssl s_client -connect yourdomain.com:443 -tlsextdebug –status

In the response, look for the OCSP response:

OCSP response:

======================================

OCSP Response Data:

OCSP Response Status: successful (0x0)

Response Type: Basic OCSP Response

That means the OCSP stapling is working. If you get a response as below, the OCSP stapling is not enabled.

OCSP response: no response sent

Previous
Next