What exactly does the ssl_stapling_verify directive do? Does it check whether the signature of the response is correct? The official nginx documentation is very vague in explaining this:

https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling_verify

Enables or disables verification of OCSP responses by the server.

For verification to work, the certificate of the server certificate issuer, the root certificate, and all intermediate certificates should be configured as trusted using the ssl_trusted_certificate directive.

Bratwurstmobil

2 Answers

I found it in the nginx source code, in the file ngx_event_openssl_stapling.c#L660:

    OCSP_basic_verify(basic, chain, store,
                      staple->verify ? OCSP_TRUSTOTHER : OCSP_NOVERIFY);

If you configure `ssl_stapling_verify` to on, then `staple->verify` will be true, and the function `OCSP_basic_verify` will be called with the `OCSP_TRUSTOTHER` flag to verify the response.

Then I found the OCSP_basic_verify function in the OpenSSL library; its documentation says:

Then the function already returns success if the flags contain OCSP_NOVERIFY or if the signer certificate was found in certs and the flags contain OCSP_TRUSTOTHER.

More about this is here: https://meto.cc/article/what-exactly-did-ssl_stapling_verify-verify

DailyiOS
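Putting the directives from the question's documentation quote together, as an added example that is not part of the original answer or of nginx's own documentation: a server block that both staples OCSP responses and verifies them before stapling. The hostname, file paths and resolver address are assumptions.

```nginx
# Added example (not from the page or from nginx). Paths, hostname and
# resolver address are assumed values; adjust them for your deployment.
server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate     /etc/nginx/tls/fullchain.pem;   # leaf + intermediates
    ssl_certificate_key /etc/nginx/tls/privkey.pem;

    # Fetch OCSP responses from the issuer's responder and send them in the
    # TLS handshake (status_request extension). This directive alone does
    # not check the response: it is stapled as received (OCSP_NOVERIFY).
    ssl_stapling on;

    # Verify the response before stapling it: nginx calls OCSP_basic_verify
    # with OCSP_TRUSTOTHER, so the responder's signature is checked and its
    # signing certificate must chain to the trusted set below.
    ssl_stapling_verify on;

    # Required for verification: the issuer certificate, all intermediates
    # and the root, as described in the ssl_stapling_verify documentation.
    ssl_trusted_certificate /etc/nginx/tls/chain.pem;

    # nginx resolves the OCSP responder's hostname at runtime, so a resolver
    # must be configured (see the ssl_stapling documentation).
    resolver 127.0.0.53 valid=300s;
    resolver_timeout 5s;
}
```

To check that stapling is actually happening, connect with `openssl s_client -connect example.com:443 -status </dev/null` and look for `OCSP Response Status: successful` and `Cert Status: good` in the output; `OCSP response: no response sent` means nothing was stapled. nginx fetches the response lazily, so the first handshake after a (re)start may carry no staple; repeat the check once. With `ssl_stapling_verify off`, a malformed or wrongly signed responder answer would still be forwarded to clients, which is exactly the case the `on` setting closes.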

Wikipedia says, "OCSP stapling, formally known as the TLS Certificate Status Request extension, is an alternative approach to the Online Certificate Status Protocol (OCSP) for checking the revocation status of X.509 digital certificates. It allows the presenter of a certificate to bear the resource cost involved in providing OCSP responses by appending ("stapling") a time-stamped OCSP response signed by the CA to the initial TLS handshake, eliminating the need for clients to contact the CA".

Emphasis added.

The directive turns this "alternative approach" of OCSP stapling on or off. By default, OCSP stapling is not enabled. You can enable it using

ssl_stapling_verify   on;
OCSP stapling is controlled by the "ssl_stapling" directive and can be enabled independently of OCSP stapling verification. If verification is disabled, the server simply forwards to the client the OCSP response it received from the CA, without performing any validation. Regarding the specific validations performed, I don't know for sure. It definitely includes checking the signature of the response and the validity of the certificate used to sign it. – EliaCereda May 05 '17 at 11:10