Activate OCSP stapling for a website

What is OCSP-Stapling

Online Certificate Status Protocol stapling, also known as the extension to the TLS certificate status query, is an alternative approach to the Online Certificate Status Protocol (OCSP) for checking the status of digital certificates. In the area of use of web servers, the web server can take over the task of checking the certificate so that the respective client does not have to check the certificate independently.

From a technical point of view, the signed OCSP response from the certification authority is provided with a time stamp and attached to the original TLS handshake ("stapling"). This procedure significantly reduces the communication effort between client and certification authorities.

Activation in Plesk

To activate OCSP stapling for a website, first log in to the Plesk Control Panel and then select the desired domain for which you want to activate the OCSP stapling procedure.

Then select the SSL/TLS certificates menu item to access the SSL settings for the page.

Activate the OCSP stapling switch to activate the OCSP stapling procedure. The OCSP stapling procedure is activated immediately and no further steps are required for activation. If you want to activate OCSP stapling for other domains, repeat the steps for all desired domains.

Test OCSP stapling

To check whether OCSP stapling has been successfully activated, we recommend using the SSL test from Qualys. After activation, enter your domain name here and start the test. You will receive the result of the SSL check after a few minutes.

In the Configuration → OCSP stapling area, you can check whether the OCSP stapling procedure has been successfully activated.