站点ocsp stapling检查、检查https 站点ocsp stapling配置、检查站点证书吊销状态信息

https证书由于一些安全问题,在有效期内颁发证书,进行吊销处理。最开始用crl证书黑名单,浏览器会下载名单来做对比。由于吊销证书增大下载名单存在不及时,下载慢问题。后来推出ocsp 在线查询证书吊销状态协议,浏览器会在握手时候 从证书颁发机构提供服务接口查询证书是否吊销信息。这会存在隐私安全及查询超时等问题。后来推出ocsp stapling协议,由站点服务器将证书吊销信息查询回,并且缓存起来,在客户握手阶段直接返回给客户浏览器。这样节省查询时间,也减少用户信息泄露问题。本工具支持在线查询站点是否支持ocsp stapling协议,欢迎使用!


ocsp stapling检测结果:   

https://www.bing.com检测结果

ocsp stapling:支持

原始信息

OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: 108A72F9F95647F20B2CDBD20458484E0B24DCF3
Produced At: Oct  8 19:30:17 2020 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 881A4A74FEFF4652F354BB510FD3A4EEEFE0A1C8
Issuer Key Hash: 919E3B446C3D579C42772A34D74FD1CC4A972CDA
Serial Number: 2000060F1B8EB1CE4263468342000000060F1B
Cert Status: good
This Update: Oct  8 19:30:17 2020 GMT
Next Update: Oct 12 19:30:17 2020 GMT

Signature Algorithm: sha256WithRSAEncryption
d6:2a:d8:6e:8b:6d:63:5f:05:ad:48:8e:b6:a6:96:7e:2a:81:
a4:c9:ef:2b:78:de:60:46:11:e8:13:cc:ec:84:a1:b2:74:6d:
39:43:f6:ec:62:16:f9:87:d4:23:90:10:ce:eb:bb:fc:1c:ab:
98:09:cd:fc:cd:87:d6:6c:88:d6:9a:0d:8f:9e:28:b2:cb:d2:
5c:f4:cd:50:c9:bd:d8:bf:af:7c:9c:2e:2c:78:17:c6:58:50:
64:0f:e9:5a:7f:98:18:28:92:d4:f9:d2:96:4b:e9:8e:a6:7d:
54:d7:d3:0c:e7:9b:60:0e:7f:73:77:72:f9:35:cb:10:83:44:
2c:f5:4d:36:3c:5e:a9:10:78:26:5c:f6:4b:98:39:05:1a:bf:
04:8e:3c:7b:e6:72:db:e8:eb:88:b9:8b:28:a6:e4:90:e7:20:
7f:04:d7:a2:e0:a8:7a:3a:d1:75:d9:f6:50:6c:0a:55:fa:ee:
f5:e4:43:2b:f5:9d:9a:19:81:e4:bc:8a:73:43:c1:7d:6f:10:
bb:00:c6:59:57:81:26:73:5e:dc:af:7c:bb:e3:1a:0e:5a:cf:
7a:ae:3d:46:99:89:6d:b0:7b:b6:ee:aa:e1:3a:bb:a6:4f:7a:
3b:a7:78:30:68:15:d4:f3:c2:23:74:5e:6f:cf:ff:af:e6:e6:
2f:a2:db:0e
Certificate:
请输入地址
请输入地址