Skynats Logo

Need Assistance?

In only two hours, with an average response time of 15 minutes, our expert will have your problem sorted out.

Get Assistance Now

Server Trouble?

For a single, all-inclusive fee, we guarantee the continuous reliability, safety, and blazing speed of your servers.

Explore Our Plans

How to Enable OCSP Stapling for a Domain in Plesk Server

OCSP Stapling is a method to improve the SSL/TLS handshake performance and privacy. It allows a web server to fetch the OCSP (Online Certificate Status Protocol) response from the Certificate Authority (CA) and then “staple” it to the SSL/TLS handshake. This reduces the need for the client to contact the CA directly, speeding up the process and protecting privacy.

In this guide, we’ll walk you through enabling OCSP Stapling for a domain on a Plesk server.

 Prerequisites

  • A Plesk server with administrative access.
  • An SSL certificate installed on the domain for which you want to enable OCSP Stapling.
  • The domain is running on a web server that supports OCSP Stapling (e.g., Apache or Nginx).

Steps to Enable OCSP Stapling in Plesk

First Log in to your Plesk server’s admin panel using your credentials. In the Plesk dashboard, go to Websites & Domains and select the domain for which you want to enable OCSP Stapling. 

Then click on the Hosting & DNS section, You can find the Apache & Nginx configuration there, get into this and add the following directives in the In the Additional Apache directives or Additional Nginx directives section (depending on your web server):

For Apache:

SSLUseStapling on
SSLStaplingCache shmcb:/tmp/stapling_cache(128000)

For Nginx is used:

ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 10s;

These settings enable OCSP Stapling and configure the server to cache the OCSP responses.

Apply and Restart Services

After adding the directives, click OK or Apply to save the changes.

Then, Restart the web server (Apache or Nginx) in order for the changes to take effect. This can be done via the Tools & Settings > Services Management section in Plesk admin.

Verify OCSP Stapling

Once after restarting the services, you can verify that OCSP Stapling is working by using an online tool like SSL Labs’ SSL Test or by running the following command on the backend:

#openssl s_client -connect yourdomain.com:443 -status | grep -A 17 'OCSP response:'

If OCSP is configured correctly, the response will include details about the OCSP Stapling status.

Conclusion

Enable OCSP Stapling Plesk is a straightforward process that enhances the security and performance of your SSL/TLS connections. By following the steps outlined above, you can ensure that your domain benefits from faster handshakes and improved privacy, providing a better experience for your users.

If you need assistance enabling OCSP Stapling for a domain on your Plesk server, our team is here to help. Contact us for expert guidance and support to enhance your server’s security and performance efficiently.

Liked!! Share the post.

Get Support right now!

Start server management with our 24x7 monitoring and active support team

GET STARTED NOW
GET YOUR SERVER ISSUES RESOLVED TODAY

Company

Services

Quick Links

© Copyright 2024 Skynats.com

Can't get what you are looking for?

TALK TO OUR EXPERTS NOW

Available 24x7 for emergency support.