Skip to main content

Autocert Must-Staple

  • Environmental Variable: AUTOCERT_MUST_STAPLE
  • Config File Key: autocert_must_staple
  • Type: bool
  • Optional

If true, force autocert to request a certificate with the status_request extension (commonly called Must-Staple). This allows the TLS client (id est the browser) to fail immediately if the TLS handshake doesn't include OCSP stapling information. This setting is only used when Autocert is true.

tip

This setting will only take effect when you request or renew your certificates.

For more details, please see RFC7633 .