OCSP responder timed out

[John_M]

I'm seeing a lot of this in the syslog of one server that uses https for the web GUI:

Aug 22 12:39:40 Northolt nginx: 2018/08/22 12:39:40 [error] 7259#7259: OCSP responder timed out (110: Connection timed out) while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, peer: 2.21.67.65:80, certificate: "/etc/ssl/certs/unraid_bundle.pem"

If I understand it correctly, the problem is outside my network. It happens every fifteen minutes or so and it's been happening continuously since 19 August (three days ago). It looks as though it's trying to verify the authenticity of the certificate but getting no response from LetsEncrypt's server. The current certificate is valid until 4 November. A second server, also using the https://#hash.unraid.net method isn't showing the error but it's certificate is due to expire on 28 October. Is there anything I can do or should I just wait? I'm considering reverting to http.

 

northolt-diagnostics-20180822-1329.zip

Edited August 22, 2018 by John_M
Attached diagnostics, FWIW

[John_M]

It was actually complaining every eight minutes.

 

Toggling Use SSL to Off (click Apply) and back to Auto (click Apply) seems to have stopped the messages.

[DontWorryScro]

On 8/24/2018 at 5:42 AM, John_M said:

It was actually complaining every eight minutes.

 

Toggling Use SSL to Off (click Apply) and back to Auto (click Apply) seems to have stopped the messages.

 

where is this toggle you speak of? im getting this error and i cant for the life of me figure out how to fix it

Edited November 27, 2022 by DontWorryScro

[John_M]

16 hours ago, DontWorryScro said:

where is this toggle you speak of? im getting this error and i cant for the life of me figure out how to fix it

 

It's on the Settings -> Management Settings page. The wording has changed slightly in the intervening four years. The item is now Use SSH/TLS and the options I would toggle between are Off and Strict.