From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep

Certificate stapling

- [Narrator] The primary issue with OCSP is that it places a significant burden on the OCSP servers operated by certificate authorities. These servers must process requests from every single visitor to a website or other user of a digital certificate, verifying that the certificate is valid and hasn't been revoked. Certificate stapling is an extension to the Online Certificate Status Protocol that relieves some of the burden placed upon certificate authorities by the original protocol. Let's look at how certificate stapling works for a web server. When a user visits a website and initiates a secure connection, the website sends its certificate to the user's browser, which is then normally responsible for contacting an OCSP server to verify the certificate's validity. With certificate stapling, the web server contacts the OCSP server itself and receives a signed and timestamped response from the OCSP server, which the web…
