OCSP: Setup on Windows Server 2008+

How enable OCSP stapling on Windows Servers

  1. Ensure you are using Windows Server 2008 or above.

    • Windows Server 2008 and above – OCSP Stapling is enabled by default.

    • Versions below 2008 do not support OCSP Stapling.

Please upgrade to Windows Server 2008 or later to enable OCSP Stapling.

  1. To confirm OCSP stapling is enabled on Windows 2008 or above:

    • Go to , enter your website address and click ‘Analyze’

    • Scroll down to ‘Certificate Status Details’

    • If OCSP is enabled, the “OCSP Stapling” row will say ‘Good’

    • If OCSP is not enabled, the “OCSP Stapling” row will say ‘Not Supported’

If you see the ‘Not Supported’ message and are using Windows Server 2008 or above, then it is possible you need to (re)enable OCSP stapling. Please consult Microsoft’s documentation for help with this -

  1. If you are still having issues, please check your Windows Server 2008+  can connect to Comodo’s OCSP servers at the following locations:


Destination IP

Port or 2a02:1788:2fd::b2ff:5301


For example, if you use telnet, use the following command:

telnet 80

If the test is successful the reply will state ‘Connected to’ for at least one of the ‘Destination IP’ addresses in the table above.

If the connection test is unsuccessful please make the required network changes to allow your server to connect to our OCSP servers. Once complete, we advise you to re-run the test in step 2 to establish whether OCSP stapling is now enabled.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Article is closed for comments.