在Azure Web App上启用OCSP装订
我已经在Web应用程序上设置了自定义域和SSL.绑定使用的是SNI SSL.测试时,它可以在Chrome上正常运行,但是在尝试通过Firefox访问该网站时会收到SEC_ERROR_REVOKED_CERTIFICATE错误.看来,
被吊销的证书是我缺少OCSP装订.
阅读此内容后,我的服务器IIS 10.0似乎默认情况下应启用OCSP装订.在https://www.ssllabs.com中运行网址时,我看到它未启用.
我还尝试了基于IP的SSL绑定,但无法解决问题.
我该如何手动启用OCSP装订?
I have set up a custom domain and SSL on my web app. The binding is using SNI SSL. When testing this it works fine on Chrome but receive an SEC_ERROR_REVOKED_CERTIFICATE error when trying to access the site on Firefox. It appears that the issue for
the revoked certificate is that I am missing OCSP Stapling.
Reading up on this it looks like my server IIS 10.0 should have OCSP Stapling enabled by default. When running the url in https://www.ssllabs.com I see that it isn't enabled.
I also have tried IP based SSL binding and it did not fix the issue.
How can I go about manually enabling OCSP Stapling?
This feature is not yet available and is under review. There is a feedback on the similar scenario, you could up-vote it. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.
.
If this answer was helpful, click "Mark as Answer" or "Up-Vote". To provide additional
feedback on your forum experience, click here.