There are no messages on nginx error log about any failed attempt to
contact the OCSP stapling server. Should I bisect or do you guys already
have some idea about which commit broke this?
IT Automation Engineer at Stone Payments
> Indeed, with further tests I think that the stapling is working...
> I'm not using the staple file, though. Is this behavior expected without such
> configuration? Also, I've enabled ssl_early_data.
Each nginx worker has it's own cache.
Depending on your worker_processes you might get that amount of responses without ocsp data.
Am 01.10.18 um 15:43 schrieb Bernardo Donadio:
> I've restored the 1.15.4 package and have been making some requests.
> Some of them are correctly stapled, others do not. There's no restart
> between tests.
maybe you run multiple threads and for each thread there is one first request?
> I'm not using the staple file, though. Is this behavior expected
> without such configuration?
it's documented somewhere, I guess at nginx.org website
> Also, I've enabled ssl_early_data.
I don't use this option. Is it TLS1.3 / 0RTT related?