{"id":197334,"date":"2020-11-22T18:06:11","date_gmt":"2020-11-22T10:06:11","guid":{"rendered":"http:\/\/4563.org\/?p=197334"},"modified":"2020-11-22T18:06:11","modified_gmt":"2020-11-22T10:06:11","slug":"lets-encrypt-ocsp%e6%b1%a1%e6%9f%93%e9%83%bd%e5%93%aa%e4%ba%9b%e6%b5%8f%e8%a7%88%e5%99%a8%e5%8f%97%e5%88%b0%e5%bd%b1%e5%93%8d%ef%bc%9f","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=197334","title":{"rendered":"let&#8217;s encrypt OCSP\u6c61\u67d3\u90fd\u54ea\u4e9b\u6d4f\u89c8\u5668\u53d7\u5230\u5f71\u54cd\uff1f"},"content":{"rendered":"\n<p>  \t\t\t\t\t<strong>openboy<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3>let&#8217;s encrypt OCSP\u6c61\u67d3\u90fd\u54ea\u4e9b\u6d4f\u89c8\u5668\u53d7\u5230\u5f71\u54cd\uff1f<\/h3>\n<p>  \t\t\u8bf7\u6559\u5927\u4f6c\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>Effervescence<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u76f4\u63a5\u6362\u514d\u8d39\u7684\u4e00\u5e74\u5427\uff0c\u53ea\u662f\u6ca1\u6709\u901a\u914d\u7b26\u3002\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>\u6211y\u96f6kk<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u4e3b\u8981\u5c31\u82f9\u679c\u7684Safari\u548cIE\uff0cChrome\u548cFirefox\u90fd\u4e0d\u6821\u9a8cLE\u7684OCSP\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>\u5ba3\u4f20<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\tchrome\u3001edge\u3001ie\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>\u5f00\u8165\u5c0f\u7ad9\u957f<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u4f60\u5728Nginx\u8bbe\u7f6eserver\u6bb5\u91cc\u9762\u5199\u4e00\u4e0b\u8df3\u8fc7\u6821\u9a8c\uff1a<br \/>  ssl_stapling on;<br \/>  ssl_stapling_verify on;\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>why?<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u6211y\u96f6kk \u5927\u4f6c\u6709\u8bdd\u8bf4 : 2020-11-22 14:00<br \/>  \u4e3b\u8981\u5c31\u82f9\u679c\u7684Safari\u548cIE\uff0cChrome\u548cFirefox\u90fd\u4e0d\u6821\u9a8cLE\u7684OCSP<\/p>\n<p> Firefox \u8c8c\u4f3c\u9ed8\u8ba4\u5c31\u68c0\u9a8c\u7684\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>\u6211y\u96f6kk<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\twhy? \u5927\u4f6c\u6709\u8bdd\u8bf4 : 2020-11-22 14:13<br \/>  Firefox \u8c8c\u4f3c\u9ed8\u8ba4\u5c31\u68c0\u9a8c\u7684<\/p>\n<p> \u5b9e\u9645\u60c5\u51b5\u662f\u5bf9\u4e8eLE\u7684\u8bc1\u4e66\u76f4\u63a5\u4fe1\u4efb\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>iks<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u6211y\u96f6kk \u5927\u4f6c\u6709\u8bdd\u8bf4 : 2020-11-22 14:15<br \/>  \u5b9e\u9645\u60c5\u51b5\u662f\u5bf9\u4e8eLE\u7684\u8bc1\u4e66\u76f4\u63a5\u4fe1\u4efb<\/p>\n<p>  FireFox \u9075\u5faa OCSP \u54cd\u5e94\u4e2d\u7684\u5230\u671f\u65f6\u95f4\uff08\u591a\u662f\u4e00\u5468\uff09<br \/>  \u4e0d\u77e5\u9053\u5bf9 Let&#8217;s Encrypt Authority X3 \u662f\u5426\u6709\u7279\u6b8a\u653f\u7b56<\/p>\n<p>  \u76ee\u524d\u90e8\u5206 DV \u8bc1\u4e66\uff08\u4e3b\u8981\u662f\u514d\u8d39\u8bc1\u4e66\u63d0\u4f9b\u5546\uff09\u53d6\u6d88\u4e86 CRL \u5206\u53d1\u70b9\u8fd9\u4e2a\u6269\u5c55\uff0c\u9a8c\u8bc1\u8bc1\u4e66\u662f\u5426\u540a\u9500\u53ea\u80fd\u4f9d\u9760\u6d4f\u89c8\u5668\u9ed1\u540d\u5355\u548cOCSP\u54cd\u5e94\uff0c\u76ee\u524d\u7684\u65b9\u5411\u662f\u53d6\u6d88 subCA \u4e2d\u7684 OCSP \u54cd\u5e94\u6269\u5c55https:\/\/cdn.jsdelivr.net\/gh\/hishis\/forum-master\/public\/images\/patch.gif\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>iks<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\tSafari \u53d7\u5f71\u54cd\u6700\u4e25\u91cd\uff1bIE, Opera \u7528\u6237\u5c11\uff0c\u4e0d\u4e88\u8003\u8651\uff1bGoogle Chrome \u53ca\u57fa\u4e8e Chromium \u5185\u6838\u4e14\u6ca1\u6709\u4fee\u6539 OCSP \u7b56\u7565\u7684\u6d4f\u89c8\u5668\u4e0d\u53d7\u5f71\u54cdhttps:\/\/cdn.jsdelivr.net\/gh\/hishis\/forum-master\/public\/images\/patch.gif\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>openboy<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\tiks \u5927\u4f6c\u6709\u8bdd\u8bf4 : 2020-11-22 14:50<br \/>  Safari \u53d7\u5f71\u54cd\u6700\u4e25\u91cd\uff1bIE, Opera \u7528\u6237\u5c11\uff0c\u4e0d\u4e88\u8003\u8651\uff1bGoogle Chrome \u53ca\u57fa\u4e8e Chromium \u5185\u6838\u4e14\u6ca1\u6709\u4fee\u6539 OCSP&#8230;<\/p>\n<p> Safari\u5305\u62ec\u624b\u673a\u7aef\u7684\u5417\uff1f\t\t\t  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>openboy \u5927\u4f6c\u6709\u8bdd\u8bf4 : l&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/197334"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=197334"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/197334\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=197334"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=197334"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=197334"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}