Beveiliging

OCSP stapling

mk /etc/ssl/stapling

.pem file for each CA
(in this case Lets Encrypt)

containing the Intermediate
(Let’s Encrypt Authority X3)

and the Root CA (DST Root CA X3)

and upload them to the folder…
/etc/ssl/stapling/Lets-Encrypt-Authority-X1.pem

Plesk Nginx
Domains > domain.tld > Apache & Nginx Settings > Additional nginx directives

ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/stapling/Lets-Encrypt-Authority-X1.pem;
resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 10s;