wgstarks Posted September 27, 2022 Share Posted September 27, 2022 I’m seeing these errors repeating about every 90 minutes in my system log. Sep 26 21:16:54 Brunnhilde nginx: 2022/09/26 21:16:54 [error] 10773#10773: recv() failed (111: Connection refused) while requesting certificate status, responder: r3.o.lencr.org, peer: 23.219.154.139:80, certificate: "/boot/config/ssl/certs/certificate_bundle.pem" Sep 26 21:16:54 Brunnhilde nginx: 2022/09/26 21:16:54 [error] 10773#10773: OCSP responder prematurely closed connection while requesting certificate status, responder: r3.o.lencr.org, peer: 23.219.154.139:80, certificate: "/boot/config/ssl/certs/certificate_bundle.pem" Is this something to be concerned about? brunnhilde-diagnostics-20220926-2312.zip Quote Link to comment
ljm42 Posted September 27, 2022 Share Posted September 27, 2022 It looks like you have a firewall blocking outgoing connections to this address: responder: r3.o.lencr.org, peer: 23.219.154.139:80 This is preventing your server from setting up OCSP stapling on the Lets Encrypt certificate. It isn't critical, but having it does speed up browser connections to the server. You can read about OCSP stapling here: https://knowledge.digicert.com/quovadis/ssl-certificates/ssl-general-topics/what-is-ocsp-stapling.html Quote Link to comment
wgstarks Posted September 27, 2022 Author Share Posted September 27, 2022 I use pfsense for my firewall but not using any filtering. Looks like the most recent occurrence of the error was at 0500 this morning. Perhaps that means it was a server problem and it’s now connecting. Is there anyway to check that? Quote Link to comment
wgstarks Posted September 27, 2022 Author Share Posted September 27, 2022 I can ping that IP. Quote Link to comment
Solution ljm42 Posted September 27, 2022 Solution Share Posted September 27, 2022 2 hours ago, wgstarks said: Looks like the most recent occurrence of the error was at 0500 this morning. Perhaps that means it was a server problem and it’s now connecting. Is there anyway to check that? I don't see any messages on my server either so I'd say it "succeeds silently". If there aren't any messages you are probably fine. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.