AnsweredAssumed Answered

How does Qualys verify OCSP Stapling?

Question asked by Steve Hartley on Jun 28, 2018
Latest reply on Jul 3, 2018 by Bhushan Lokhande

We are using F5 to load balance external sites (Internet) and recently added OCSP Stapling. We can see that sites that we test using Qualy SSL Labs now show the certificate revocation status but the "OCSP Stapling" parameter says "No" in the report. Our client has stated that until the Qualys test shows OCSP Stapling as "Yes" it is not working but I can show in the tcpdump file where the CA is responding with the certificate status and also the Qualys SSL Labs report is showing the certificate revocation status. I have attached screen shots of the results of the report to show what I am referring to.qualys & f5

ocsp

ocsp_stapling

Outcomes