ECC OCSP nginx.conf ssl_stapling ignored

I've set up nginx with RSA and OCSP.

For another domain, in another server, I wanted to set it up using ECC and OCSP.

The certificate has been installed and it's working.
But the OCSP part is not.
When I run nginx -t, I get:

    nginx: [warn] "ssl_stapling" ignored, issuer certificate not found for certificate mydomain.com.cer

What I did was to get this certificate:
https://letsencrypt.org/certs/lets-encrypt-e1.pem

and use it in the ssl_trusted_certificate directive.

Apart from the ssl_certificate and ssl_certificate_key, the other directives are:

    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+ECDSA+AESGCM  EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
    ssl_dhparam /usr/pkg/etc/nginx/certs/dhparam.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /usr/pkg/etc/nginx/certs/lets-encrypt-e1.pem;
    ssl_session_cache   shared:SSL:20m;
    ssl_session_timeout 20m;
    ssl_session_tickets on;

As this is very complex to me, please explain as if I'm five what to do to have OCSP with ECC or if it's not possible.

If you're using acme.sh, you want to be setting ssl_certificate to fullchain.cer, not mydomain.com.cer.

Just set this to acme.sh's chain.cer.

Thank you very much @_az. Without your help I wouldn't have found the solution.
All the best to you.

For the record:

    ssl_certificate /somedir/.acme.sh//mysite.com_ecc/fullchain.cer;
    ssl_trusted_certificate /somedir/.acme.sh/mysite.com_ecc/ca.cer;

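Added example, not code from any poster in this thread or from nginx or acme.sh: nginx can only staple when it finds the issuer of the first certificate in the ssl_certificate file, either among the further certificates in that file or in ssl_trusted_certificate. The Python below approximates that lookup by comparing raw issuer and subject names only (OpenSSL's real lookup checks more); the function names, the skeleton certificates and the CA names are constructed for the illustration.

```python
import base64, re

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def pem_certs(text):
    """DER bytes of every certificate in a PEM file, in file order."""
    return [base64.b64decode(b) for b in PEM_RE.findall(text)]

def tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def issuer_subject(der):
    """Raw DER Name fields (issuer, subject) of one certificate."""
    _, pos, _ = tlv(der, 0)    # Certificate SEQUENCE
    _, pos, _ = tlv(der, pos)  # tbsCertificate SEQUENCE
    tag, _, end = tlv(der, pos)
    if tag == 0xA0:            # optional [0] version field
        pos = end
    fields = []
    for _ in range(5):  # serialNumber, signature, issuer, validity, subject
        end = tlv(der, pos)[2]
        fields.append(der[pos:end])
        pos = end
    return fields[2], fields[4]

def stapling_issuer_found(cert_pem, trusted_pem=""):
    """True if the first certificate's issuer Name is the subject of a later
    certificate in the same file or of one in the trusted file."""
    chain = pem_certs(cert_pem)
    leaf_issuer = issuer_subject(chain[0])[0]
    candidates = chain[1:] + pem_certs(trusted_pem)
    return any(issuer_subject(c)[1] == leaf_issuer for c in candidates)

def fake_cert(issuer, subject):
    """Constructed skeleton, not a valid certificate: only the parsed fields."""
    t = lambda tag, body: bytes([tag, len(body)]) + body  # short lengths only
    name = lambda cn: t(0x30, t(0x0C, cn.encode()))
    tbs = t(0x30, t(0xA0, b"\x02\x01\x02") + t(0x02, b"\x01") + t(0x30, b"")
            + name(issuer) + t(0x30, b"") + name(subject))
    b64 = base64.b64encode(t(0x30, tbs)).decode()
    return f"-----BEGIN CERTIFICATE-----\n{b64}\n-----END CERTIFICATE-----\n"

# Constructed sample data; the CA names are hypothetical.
LEAF = fake_cert("Intermediate A", "mydomain.com")
INTER_A = fake_cert("Root", "Intermediate A")
INTER_B = fake_cert("Root", "Intermediate B")
```

To check real files, pass the text of the ssl_certificate file as the first argument and the text of the ssl_trusted_certificate file as the second.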