September 27, 20223 yr I’m seeing these errors repeating about every 90 minutes in my system log. Sep 26 21:16:54 Brunnhilde nginx: 2022/09/26 21:16:54 [error] 10773#10773: recv() failed (111: Connection refused) while requesting certificate status, responder: r3.o.lencr.org, peer: 23.219.154.139:80, certificate: "/boot/config/ssl/certs/certificate_bundle.pem" Sep 26 21:16:54 Brunnhilde nginx: 2022/09/26 21:16:54 [error] 10773#10773: OCSP responder prematurely closed connection while requesting certificate status, responder: r3.o.lencr.org, peer: 23.219.154.139:80, certificate: "/boot/config/ssl/certs/certificate_bundle.pem" Is this something to be concerned about? brunnhilde-diagnostics-20220926-2312.zip
September 27, 20223 yr It looks like you have a firewall blocking outgoing connections to this address: responder: r3.o.lencr.org, peer: 23.219.154.139:80 This is preventing your server from setting up OCSP stapling on the Lets Encrypt certificate. It isn't critical, but having it does speed up browser connections to the server. You can read about OCSP stapling here: https://knowledge.digicert.com/quovadis/ssl-certificates/ssl-general-topics/what-is-ocsp-stapling.html
September 27, 20223 yr Author I use pfsense for my firewall but not using any filtering. Looks like the most recent occurrence of the error was at 0500 this morning. Perhaps that means it was a server problem and it’s now connecting. Is there anyway to check that?
September 27, 20223 yr Solution 2 hours ago, wgstarks said: Looks like the most recent occurrence of the error was at 0500 this morning. Perhaps that means it was a server problem and it’s now connecting. Is there anyway to check that? I don't see any messages on my server either so I'd say it "succeeds silently". If there aren't any messages you are probably fine.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.