It is possible to “staple” an OCSP response into higher level protocols such as TLS. This concept has been supported in Windows since Windows VISTA, shortly after it was added to OpenSSL/Apache and soon it will also be in Nginx. When “stapling” is used the subscriber (the web server in the TLS case) requests the … Continue reading How to seed the CryptoAPI URL cache with an OCSP response