When was the last time you thought about your website’s security?
If not recently, maybe now is the time. Both Chrome and Firefox are getting close to releasing the newest versions of their browsers that will noticeably mark your website as Not Secure to visitors.
In this article, we will explain Online Certificate Status Protocol (OCSP), how it works, and the importance of making the OCSP process as fast as possible on your secure HTTPS website.
What is Online Certificate Status Protocol (OSCP)?
The OSCP definition is pretty straight forward. It is a protocol for checking the status of an online certificate. In other words, OCSP is a set of steps taken to check the status of your SSL Certificate before your website is shown to the visitor. During this multi-step process the browser and your server will check/prove the identity of your website and then encrypt all information shared between the browser and the server so that hackers and phishers can’t intercept the data transfer.
How Does OSCP Work?
The Internet browser of your website visitor (like Chrome or Firefox) initiates what is called a handshake with your secured website, asking it to identify itself. Your secured website sends a copy of its SSL certificate, including the server’s public key.
The visitor’s browser checks the certificate root against a list of trusted CAs. It checks to make sure the certificate hasn’t expired, hasn’t been revoked, and that its common name is valid for the website to which the browser is connecting.
If the SSL Certificate is trusted by the browser, the browser produces and returns a symmetric session key using the public key it got from the server. The server decrypts the session key with the public key of its own on the server. The server then sends back the acknowledgement which has been encrypted by the session key.
The secure encrypted session begins.
Can OCSP Affect My Website Speed?
With so many steps back and forth you may be wondering how long this takes, especially as we stress the importance of site speed for SEO. The process should only take milliseconds because during this time your site visitor has to wait. The faster the OCSP process is completed, the more quickly your site visitor will gain access to your site. Google likes websites that can be accessed quickly.
That is why we recommend choosing a trusted Certificate Authority and purchasing a high-quality SSL Certificate.
How Do OCSP Response Times Compare Between Certificate Authorities?
There are a lot of Certificate Authorities (CAs) that sell SSL Certificates at various price points, but don’t let price be your only consideration.
You need to know that the Online Certificate Status Protocol (OCSP) speed with the company you choose can affect your website speed, and overall site traffic and rank with Google.
In our experience, DigiCert has one of the quickest OCSP response times in the industry, 4 to 8 times faster than most Certificate Authorities. This provides your site visitors with quick responses to OCSP requests through their browser.
Interested in learning more about SSL and putting OSCP into action on your website in order to provide your visitors with the most secure browsing experience possible?
Contact 1st on the List!