Facebook
Twitter
- Server operating system version
- Alma 8
- Plesk version and microupdate number
- 18.0.69 #3
On
It means that the web server is configured to use OCSP stapling, but the SSL/TLS certificate used does not include an OCSP responder URL, so OCSP stapling cannot work. The SSL certificate does not contain an Authority Information Access (AIA) field with an OCSP URL, which is required for OCSP stapling. Without that, the server has no place to fetch the OCSP status from.
It seems that this affects all SSL certificates generated through the Plesk SSLIt extension. I am not sure whether this is a misconfiguration here or a bug, but given the large number of certs affected, I tend to think of it as a bug. The thing is, that previously that warning was not shown, e.g. several weeks ago. Something must have changed since then. Maybe an update? I am not sure when it started.
# nginx -t we are seeing lots of these lately:
Code:
nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate "/usr/local/psa/var/certificates/scftPr4m0"It means that the web server is configured to use OCSP stapling, but the SSL/TLS certificate used does not include an OCSP responder URL, so OCSP stapling cannot work. The SSL certificate does not contain an Authority Information Access (AIA) field with an OCSP URL, which is required for OCSP stapling. Without that, the server has no place to fetch the OCSP status from.
It seems that this affects all SSL certificates generated through the Plesk SSLIt extension. I am not sure whether this is a misconfiguration here or a bug, but given the large number of certs affected, I tend to think of it as a bug. The thing is, that previously that warning was not shown, e.g. several weeks ago. Something must have changed since then. Maybe an update? I am not sure when it started.
