OSCP error with Let's Encrypt #7
Description
Errors preventing SSL handshake caused web site to become suddenly unavailable:
2017/07/15 00:16:20 [error] 44#44: OCSP_check_validity() failed (SSL: error:2707307D:OCSP routines:OCSP_check_validity:status expired) while requesting certificate status, respond
er: ocsp.int-x3.letsencrypt.org
The certificate is not expired and Let's Encrypt OSCP server responds to ping and resolve with dig
openssl s_client -connect <website>:443 -tls1 -tlsextdebug -status
return handshake errors.
Temporary workaround is to force renew the certificate again.