Jenny Lawrance

My feedback

  1. 202 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    18 comments  ·  Web Apps  ·  Flag idea as inappropriate…  ·  Admin →

    We’ve started deploying the feature to a small set of stamps. We’ll continue to monitor the stamps for performance and validate if the feature is working as expected. Once we are confident there are no issues, we will roll out to all regions.

    Thanks,
    Oded

    An error occurred while saving the comment
    Jenny Lawrance commented  · 

    HI Matthew, others,
    Yes, I can see that OCSP stapling is enabled for the default *.azurewebsites.net, but not custom domains. We are working on finding a solution to this. Thanks, Jenny

    An error occurred while saving the comment
    Jenny Lawrance commented  · 

    The servers doing SSL on app service has OCSP enabled by default, and runs with all latest patches.
    So, I'm confused that this is being reported as an issue. I ran the test against my web app on webpagetest.org, and while I see ocsp requests to comodoca.com, this seems to be after the initial page loaded, indicating that this request was made as part of additional CSS/js requests, which go against other web sites.

    Please provide an app where this clearly reproduces, and we will investigate further. Send email to jennylaw(at)microsoft.com with site name.

    Thanks,
    Jenny

Feedback and Knowledge Base