Forum Discussion

Nimbostratus

Oct 03, 2018

[OCSP Stapling] Globalsign configuration

Hi everyone, My objective is simple : I want to set OCSP Stappling configuration on my HTTPS VIP. For that, I follow this article For information, Globalsign is my SSL provider and I have wildcar...

Employee

Oct 09, 2018

You can use ssldump to determine if stapling is actually happening.

ssldump -AdNn -i [client side VLAN] port 443 [and any other filters]

You'll see the status_request message in the Client Hello, and if the server supports it, a stapled response in Certificate Status. And compare this to a known-good stapling site like https://www.bing.com.

If you do see stapling transactions, it could be that Firefox (or SSLLabs) doesn't specifically trust the signer of your stapled response.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

[OCSP Stapling] Globalsign configuration

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Configuring OCSP Stapling on BIG-IP

Enable OCSP Stapling via REST API

wccp configuration for SSL Orchestrator

OCSP Stapling Globalsign configuration

OCSP Stapling Globalsign configuration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS