[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#933129: apache2: OCSP stapling poorly handled, yielding trylater errors in the client

Control: found -1 2.4.38-3+deb10u1

On 2019-07-26 22:30:00 +0200, Vincent Lefevre wrote:
> I sometimes get SEC_ERROR_OCSP_TRY_SERVER_LATER errors in Firefox
> when I connect to my web server. The apache log shows errors like
> 
> [Fri Jul 26 20:01:31.355081 2019] [ssl:error] [pid 13552:tid 139871725876992] [client 207.46.13.73:1928] AH02321: empty response from OCSP server
> [Fri Jul 26 20:01:31.366890 2019] [ssl:error] [pid 13552:tid 139871725876992] [client 207.46.13.73:1928] AH01980: bad response from OCSP server: (none)
> [Fri Jul 26 20:01:31.366961 2019] [ssl:error] [pid 13552:tid 139871725876992] AH01941: stapling_renew_response: responder error

This still occurs. And when it does, I need to restart apache2.

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: