tencent cloud


OCSP Stapling Configuration

Last updated: 2021-11-24 15:30:30


    After OCSP stapling (a TLS certificate status query extension) is enabled, the server will send a pre-cached Online Certificate Status Protocol (OCSP) response during the TLS handshake for user verification, so that the user does not need to send a query request to the certificate authority (CA). OCSP stapling greatly improves the efficiency of TLS handshake and reduces user verification time.

    Tencent Cloud CDN allows you to enable/disable OCSP stapling.


    Viewing the configuration

    Log in to the CDN Console, select Domain Management on the left sidebar, and click Manage on the right of the domain name to access its configuration page. Under the HTTPS Configuration tab, find OCSP Stapling Configuration, which is disabled by default:

    Modifying the configuration

    If a domain name has been configured with HTTPS acceleration, you can directly toggle the OCSP stapling switch to enable/disable this feature. After the certificate configuration is deleted, OCSP stapling will automatically be invalidated:


    If your domain name is configured for global acceleration, the OCSP stapling configuration will take effect globally. This configuration does not distinguish between requests from and outside the Chinese mainland.

    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support