OCSP binding configuration

Last updated: 2020-03-19 17:57:04

PDF

Configure the scene

Enable the OCSP Stapling server to send cached OCSP query results to the client during the TLS handshake for user verification without having to let the client send a request to the CA itself. OCSP bookbinding greatly improves the efficiency of TLS handshake and saves user verification time.

Tencent Cloud CDN supports self-help to enable or disable OCSP Stapling configuration.

Configuration Guid

View Settings

Login CDN console Select "Domain name Management" in the menu bar, and click "manage" on the right side of the domain name to enter "Advanced configuration" in the last column of the domain name configuration page. You can see "OCSP binding configuration", which is turned off by default.

Change Settings

For a domain name configured with HTTPS acceleration, you can turn on or off the OCSP binding configuration directly by clicking the switch. After deleting the certificate configuration, the OCSP binding configuration will fail synchronously.

If the service region of the domain name is global, the configured OCSP binding will take effect globally, and domestic and overseas configurations are not supported.