Here’s a guide on adding OCSP to your Plesk 11.5.30 or Plesk 12.0.18 Panel.
Firstly you need to create a file containing both your intermediate and CA certificate, lets call it domainCA.pem.
create the folder…
|
1 |
mkdir /etc/ssl/ocsp/ |
and upload domainCA.pem to it.
Now create a file called ocsp.inc in
|
1 |
/etc/sw-cp-server/conf.d/ocsp.inc |
and add the following nginx directives to it…
|
1 2 3 4 5 |
ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/ssl/ocsp/domainCA.pem; resolver 8.8.4.4 8.8.8.8 valid=300s; resolver_timeout 10s; |
Next you need to add an include statement for ocsp.inc in the plesk.conf file…
|
1 |
/etc/sw-cp-server/conf.d/plesk.conf |
Like so…
|
1 |
include conf.d/*ocsp.inc; |
With the other include directives.
And restart the Plesk server with
|
1 |
service sw-cp-server restart |
You now have OCSP on your Plesk Panel.
You can also add these directives on a per domain basis in the Plesk Panel under
Plesk -> Domains -> yourdomain.tld -> Apache & Nginx Settings -> Additional nginx directives