What is OCSP (Online Certificate Status Protocol)?
OCSP stands for Online Certificate Status Protocol. This is a browser protocol that checks the validity of an SSL certificate with the help of a whitelist.
The validity of an SSL certificate is commonly checked with the use of a Certificate Revocation List: a blacklist issued by the Certificate Authority listing all the revoked certificates. Each time a website with a certificate is visited, the browser sends a request to the CA, upon which the CA returns the CRL. The browser can then check whether the certificate is listed on the blacklist. If this is the case, the browser can show an error message to the user.
Using a CRL comes with its downsides: the browser has to send a request for the CRL with every visit, which creates more traffic to the CA, especially when the website is popular. This can potentially generate such an amount of traffic that it can be used for a DDoS attack. If the CA is unavailable for a response, the browser wont have a CRL with which to check the certificate. It could even erroneously assume that the certificate is valid. It is therefore also very important that the CA keeps the CRL up to date.
OCSP was created as an alternative to the CRL, and works with a whitelist instead of a blacklist. Instead of having to request the full blacklist from the CA, the browser can now simply send the certificate that needs to be checked for validity. The CA responds with the status of the certificate, and the browser can use this response to act accordingly. This method produces less traffic to the CA, and requires less actions from the browser, because it only has to process a small response status. Should the CA be unavailable to respond to the browsers request, the browser wont automatically send the user to the website: it will show an error message instead.
But OCSP has some drawbacks as well: while the chance may be reduced, it is still possible for the CA systems to overload. The request to the CA is also always made over HTTP, which leaves a possibility for hackers to eavesdrop. Finally, it is still questionable to include a third party in the validity check of a certificate, even if that party is the CA who issued the certificate in the first place.
In OCSP Stapling, it is not the browser, but the server hosting the SSL certificate that sends an OCSP request to the CA. This process is repeated regularly, keeping the result as up to date as possible. The server then connects the result to the SSL handshake, a process that is called upon each time a browser connects with the server. This offers multiple advantages: it requires less traffic between the server and the browser, because the response to the browsers request is immediately returned with the SSL handshake. The OCSP request to the CA from the server runs on a closed circuit, and the response from the CA must always be signed by the CA in order to be valid. This eliminates the possibility of abuse of this system. The result is always kept for a longer period of time, making it more stable than CRL or OCSP. Should the CA be unavailable, the server can still produce a valid result that can be used to verify the certificate. And when the server is unable to return this request to the browser, the browser can always perform a regular OCSP request.
OCSP Stapling is a setting in your webserver installation. The process of setting up this configuration depends on the software running on your server.
Frequently asked questions
About SSL certificates
- What is a common name?
- What is a private key and what is a public key?
- What is a wildcard certificate?
- What is an intermediate certificate?
- What is a root certificate?
- What is SNI and when do I need it?
- What are cipher suites?
- What is HTTP Strict Transport Security (HSTS)?
- What is OCSP?
- How does file approver work?