I'm currently trying to find out how a server handles OCSP stapling and want to view how often it is getting its certificate signed. According to RFC 6066 (if I'm reading it right), the certificate and a time stamp should be signed and returned under status_request, if a CertificateStatus message is present. How can I view the timestamped certificate and its corresponding signature? So far I've used Wireshark, which does not seem to show this response as far as I can see. I've used curl, which I think is verifying the certificate; however, I can't actually see the time stamped certificate (* SSL certificate status: good (0)).
As a side question how recent does a timestamped certificate need to be for it to be valid?
Thanks in advance
You can use the openssl s_client command with the -status flag to send a certificate status request to the server. If the server supports OCSP stapling, you'll see the details of the OCSP response in the data, including the signature over it. For example, if we try it with stackoverflow.com:
In terms of how recent the response needs to be, you'll see that there's a "This Update" time which is the most recent time at which the responder (i.e. the party signing the OCSP response) knew the status to be correct, and a "Next Update" time which is the time at which newer information will be available. As long as the current time is between those two times, you can consider the response to be valid. Of course, it's always possible a newer (and different) response was created before that "Next Update" time, and the only way to know for sure is to make a live check to the OCSP server, but the general intent is that the window of time in the response should be sufficiently short that for most purposes you shouldn't need to worry about this.
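The validity-window check the answer describes, as an added example that is not part of the original question or answer: it parses the "Cert Status", "This Update" and "Next Update" lines in the shape that `openssl s_client -status` prints them and reports whether a given moment falls inside the window. The sample output embedded below is constructed for the example (placeholder hashes, serial and responder name), not captured from stackoverflow.com or any real host; the `fetch_stapled_status` helper assumes an `openssl` binary on PATH and network access, and is not exercised offline.

```python
"""Check the validity window of a stapled OCSP response.

Added example, not code from the original post. It assumes the text layout
that `openssl s_client -status` prints for a stapled response, e.g.
"    This Update: Jan  5 12:00:00 2024 GMT".
"""
import re
import subprocess
from datetime import datetime, timezone

# Constructed excerpt in the shape of `openssl s_client -status` output.
# Hashes, serial number and responder name are placeholders, not real values.
SAMPLE_OUTPUT = """\
OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = US, O = Example CA, CN = Example OCSP Responder
    Produced At: Jan  5 11:58:42 2024 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 0000000000000000000000000000000000000000
      Issuer Key Hash: 1111111111111111111111111111111111111111
      Serial Number: 0A1B2C3D
    Cert Status: good
    This Update: Jan  5 12:00:00 2024 GMT
    Next Update: Jan 12 12:00:00 2024 GMT

    Signature Algorithm: sha256WithRSAEncryption
======================================
"""

# OpenSSL prints GeneralizedTime as "Mon [d]d HH:MM:SS YYYY GMT" (day space-padded).
_OPENSSL_TIME_RE = r"([A-Z][a-z]{2}) +(\d{1,2}) (\d{2}:\d{2}:\d{2}) (\d{4}) GMT"


def _parse_openssl_time(text):
    """Turn an OpenSSL-style timestamp into an aware UTC datetime."""
    m = re.fullmatch(_OPENSSL_TIME_RE, text.strip())
    if not m:
        raise ValueError(f"unrecognised timestamp: {text!r}")
    mon, day, hms, year = m.groups()
    naive = datetime.strptime(f"{mon} {int(day)} {hms} {year}", "%b %d %H:%M:%S %Y")
    return naive.replace(tzinfo=timezone.utc)


def parse_ocsp_window(output):
    """Return (cert_status, this_update, next_update) from s_client -status output."""
    status = re.search(r"^\s*Cert Status:\s*(\S+)", output, re.M)
    this_u = re.search(r"^\s*This Update:\s*(.+)$", output, re.M)
    next_u = re.search(r"^\s*Next Update:\s*(.+)$", output, re.M)
    if not (status and this_u and next_u):
        raise ValueError("no stapled OCSP response with a validity window found")
    return (status.group(1),
            _parse_openssl_time(this_u.group(1)),
            _parse_openssl_time(next_u.group(1)))


def stapled_response_is_current(output, now=None):
    """True only if the status is 'good' and `now` lies within [This Update, Next Update].

    `now` may be an aware datetime, an ISO-8601 string, or None (current UTC time).
    """
    if now is None:
        now = datetime.now(timezone.utc)
    elif isinstance(now, str):
        now = datetime.fromisoformat(now)
    status, this_update, next_update = parse_ocsp_window(output)
    return status == "good" and this_update <= now <= next_update


def fetch_stapled_status(host, port=443, timeout=15):
    """Run `openssl s_client -status` against a live host and return its output.

    Assumes `openssl` is on PATH; -servername sends SNI so the server picks the
    right certificate. stdin is closed so s_client exits after the handshake.
    """
    cmd = ["openssl", "s_client", "-connect", f"{host}:{port}",
           "-servername", host, "-status"]
    proc = subprocess.run(cmd, input=b"", capture_output=True, timeout=timeout)
    return proc.stdout.decode(errors="replace")


if __name__ == "__main__":
    status, this_update, next_update = parse_ocsp_window(SAMPLE_OUTPUT)
    print(f"status={status} window={this_update.isoformat()} .. {next_update.isoformat()}")
    print("current now?", stapled_response_is_current(SAMPLE_OUTPUT))
```

Against a live server you would call `stapled_response_is_current(fetch_stapled_status("example.test"))`; repeating that over a few days and watching "This Update" change is the simplest way to see how often the server refreshes its stapled response. A response whose window has lapsed, or whose status is anything other than good, is rejected here rather than treated as inconclusive.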