In the last few days this message is logged by my Nginx-1.16.1 instance a few times a day:
Sep 28 05:13:54 alice nginx: 2019/09/28 05:13:54 [error] 787#787: OCSP responder prematurely closed connection while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, peer: [2600:1406:34::b819:3864]:80, certificate: "/etc/ssl/private/letsencrypt-hopyard.pem"
My webserver is reachable and there’s no connection issue for now, it’s just that the OCSP endpoint appears to be unreachable at times. However, letsencrypt.status.io reports that all is well. When I test it now, the OCSP endpoints are all reachable from the webserver machine (IPv4 works too):
$ ncat -vz ocsp.int-x3.letsencrypt.org 80 Ncat: Version 7.80 ( https://nmap.org/ncat ) Ncat: Connected to 2600:1406:34::b819:383c:80. Ncat: 0 bytes sent, 0 bytes received in 0.05 seconds.
Does anyone else see similar errors while contacting the OCSP endpoints?
ssl_stapling_verify both enabled for some time now