Can I make Nginx automatically OCSP staple certificates at reload/restart?

That article explains one way to do it: https://matthiasadler.info/blog/ocsp-stapling-on-nginx-with-comodo-ssl/

The idea is to manually fetch de OCSP response and use the ssl_stapling_file directive.

https://unmitigatedrisk.com/?p=241 explains it in details:

URL=$(openssl x509 -in $SERVER_CER -text | grep “OCSP – URI:” | cut -d: -f2,3)

openssl ocsp -noverify -no_nonce -respout ocsp.resp -issuer \ $ISSUER_CER -cert $SERVER_CER -url $URL

Where “ocsp.resp” is whatever file you have configured in Nginx for the “ssl_stapling_file“.