Announcements 06-22-2012

OCSP-Stapling Improves NGINX Server Security

Flavio Martins

support of OCSP-Staling/MUST STAPLE means improved security for NGINX as it passes Apache as the server of choice among top sites on the Internet.

Beginning with the . The use of OCSP-Stapling, means that the growing number of top sites on the Internet using NGINX will take advantage of security enhancements added on top of SSL encryption.

New initiatives supported by are designed to improve online data security. Adding OCSP Stapling/MUST STAPLE, Certificate Authority Authorization (CAA), or taking advantage of Google's Certificate Transparency (CT), will helpimprove privacy, reliability and validitychecking for sites on the Internet.

“We have been continuously working on enhancements to NGINX that increase performance, reliability and security. With improved SSL functionality we expect the vast majority of our customers to share our enthusiasm for increased safety on the Internet.” -Igor Sysoev CTO and principal architect at NGINX

OCSP offers real-timestatus information used to confirmthat an SSL Certificate on a website is valid. OCSP acts as an authoritative answer for certificate trust without relying on cached information, and is popular alternative to revocation lists.

OCSP-Stapling takes basic OCSP to the next level of trust by allowing theorganization usingthe SSL Certificate, to respondto the browser's OCSP request instead relying solely on Certificate Authority.

NGINX has the reputation of being an ultra fast and reliable web server. Nearly 40% of top 1000 traffic sites on the Internet use the NGINX web server and it's increasingly becoming a popular web serverof choice for administrators.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-11-2024

FIPS 140-3 certification unlocked for TrustCore SDK

10-31-2024

Announcing the GA release of Device Trust Manager