- Updates and Announcements
- User Tutorial
- Product Introduction
- Purchase Guide
- Getting Started
- Configuration Guide
- Permission Management
- Use Cases
- Best Practice
- API Documentation
- FAQ
- Troubleshooting Methods
- CDN Service Level Agreement
- Glossary
- Updates and Announcements
- User Tutorial
- Product Introduction
- Purchase Guide
- Getting Started
- Configuration Guide
- Permission Management
- Use Cases
- Best Practice
- API Documentation
- FAQ
- Troubleshooting Methods
- CDN Service Level Agreement
- Glossary
Overview
After OCSP stapling (a TLS certificate status query extension) is enabled, the server will send a pre-cached Online Certificate Status Protocol (OCSP) response during the TLS handshake for user verification, so that the user does not need to send a query request to the certificate authority (CA). OCSP stapling greatly improves the efficiency of TLS handshake and reduces user verification time.
Tencent Cloud CDN allows you to enable/disable OCSP stapling.
Directions
Viewing the configuration
Log in to the CDN Console, select Domain Management on the left sidebar, and click Manage on the right of the domain name to access its configuration page. Under the HTTPS Configuration tab, find OCSP Stapling Configuration, which is disabled by default:
Modifying the configuration
If a domain name has been configured with HTTPS acceleration, you can directly toggle the OCSP stapling switch to enable/disable this feature. After the certificate configuration is deleted, OCSP stapling will automatically be invalidated:
Note:If your domain name is configured for global acceleration, the OCSP stapling configuration will take effect globally. This configuration does not distinguish between requests from and outside the Chinese mainland.
Yes
No
Was this page helpful?