Enabling OCSP Stapling for a Website
What Is OCSP Stapling
Online Certificate Status Protocol (OCSP) stapling, also known as the extension to the TLS certificate status query, is an alternative approach to the Online Certificate Status Protocol (OCSP) for verifying the status of digital certificates. In the context of web servers, this allows the web server to take over the task of certificate verification, so that the client does not have to verify the certificate on its own.
From a technical perspective, the signed OCSP response from the certificate authority is timestamped and appended to the original TLS handshake (“stapling”). This process significantly reduces the communication overhead between the client and certificate authorities.
Enabling OCSP Stapling in Plesk
To enable OCSP stapling for a website, first log in to the Plesk Control Panel and then select the domain for which you want to enable OCSP stapling.
Next, select the SSL/TLS Certificates menu item to access the site’s SSL settings.
Toggle the OCSP Stapling switch to enable the OCSP stapling process. The OCSP stapling process is activated immediately, and no further steps are required for activation. If you wish to enable OCSP stapling for additional domains, repeat these steps for all desired domains.
Testing OCSP Stapling
To verify that OCSP stapling has been successfully enabled, we recommend using the Qualys SSL Test, among other methods. After enabling OCSP stapling, enter your domain name here and start the test. After a few minutes, you will receive the results of the SSL test.
In the Configuration → OCSP Stapling section, you can verify whether the OCSP stapling process has been successfully enabled.