From the course: CompTIA Security+ (SY0-701) Cert Prep: 1 General Security Concepts

Certificate stapling

The primary issue with OCSP is that it places a significant burden on the OCSP servers operated by certificate authorities. These servers must process requests from every single visitor to a website or other user of a digital certificate, verifying that the certificate is valid and hasn't been revoked.

Certificate stapling is an extension to the Online Certificate Status Protocol that relieves some of the burden placed upon certificate authorities by the original protocol.

Let's look at how certificate stapling works for a web server. When a user visits a website and initiates a secure connection, the website sends its certificate to the user's browser, which is then normally responsible for contacting an OCSP server to verify the certificate's validity. With certificate stapling, the web server contacts the OCSP server itself and receives a signed and time-stamped response from the OCSP server, which the web server then attaches or staples to the digital certificate. Then, when a…
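The load difference described above can be modeled in a few lines. This is an added example, not material from the course: an HMAC stands in for the CA's public-key signature, and the serial number, key and one-hour validity window are constructed assumptions. The client-side check of the stapled response goes one step past where the excerpt cuts off.

```python
import hashlib
import hmac

CA_KEY = b"constructed-demo-key"  # stand-in for the CA's signing key (assumption)
VALIDITY = 3600                   # assumed seconds a signed response stays fresh

def sign(serial, status, produced_at):
    # HMAC is a stand-in for the CA's signature over the OCSP response.
    msg = f"{serial}|{status}|{produced_at}".encode()
    return hmac.new(CA_KEY, msg, hashlib.sha256).hexdigest()

class OcspResponder:
    """CA-operated responder; counts how many requests it has to serve."""
    def __init__(self, revoked=()):
        self.revoked, self.requests = set(revoked), 0

    def query(self, serial, now):
        self.requests += 1
        status = "revoked" if serial in self.revoked else "good"
        return {"serial": serial, "status": status, "produced_at": now,
                "sig": sign(serial, status, now)}

def client_accepts(resp, serial, now):
    """Browser-side check of a response, whether stapled or fetched directly."""
    expected = sign(resp["serial"], resp["status"], resp["produced_at"])
    fresh = 0 <= now - resp["produced_at"] <= VALIDITY
    return (hmac.compare_digest(expected, resp["sig"]) and fresh
            and resp["serial"] == serial and resp["status"] == "good")

class StaplingServer:
    """Web server that fetches its own OCSP response and reuses it."""
    def __init__(self, serial, responder):
        self.serial, self.responder, self.staple = serial, responder, None

    def handshake(self, now):
        # Refresh the staple only when there is none or it has expired.
        if self.staple is None or now - self.staple["produced_at"] > VALIDITY:
            self.staple = self.responder.query(self.serial, now)
        return self.staple  # sent alongside the certificate

def responder_load(visitors, stapling):
    """Responder requests caused by `visitors` connections, one per second."""
    responder = OcspResponder()
    server = StaplingServer("0x1001", responder)
    for now in range(visitors):
        resp = server.handshake(now) if stapling else responder.query("0x1001", now)
        assert client_accepts(resp, "0x1001", now)
    return responder.requests
```

Without stapling the responder serves one request per visitor; with stapling it serves one per validity window, and the time stamp inside the signed response is what lets the client reject a staple that has gone stale.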
