OCSP stapling is an optional feature on most server types, often enabled by default. Let’s find out what it is, how it works, and why you should use it. What is OCSP stapling? SSL certificates encrypt Web communications so we can trust websites with our private information. But how do we know which SSL certificates […]
OCSP
Sectigo removes CRL support in newly issued certificates
Sectigo (formerly Comodo CA) has removed CRL distribution points on newly issued Domain Validated (DV) SSL/TLS certificates. I speculate that Organization Validated (OV) and Extended Validation (EV) SSL/TLS certificates will soon no longer contain CRL distribution points either. What is CRL? A Certificate Revocation List (CRL) is a list of SSL/TLS certificate serial numbers which […]