I’m currently fighting with nginx’ lazy OCSP stapling and try to get OCSP responses manually with
I try to fetch the OCSP response with
openssl ocsp -no_nonce -url "http://ocsp.int-x3.letsencrypt.org" \ -header "Host" "http://ocsp.int-x3.letsencrypt.org" \ -respout /some/path/ntzwrk.org.ocsp \ -issuer /etc/letsencrypt/live/ntzwrk.org/chain.pem \ -VAfile /etc/letsencrypt/live/ntzwrk.org/chain.pem \ -cert /etc/letsencrypt/live/ntzwrk.org/cert.pem
which results in
Error querying OCSP responder 140536047384208:error:27076072:OCSP routines:PARSE_HTTP_LINE1:server response error:ocsp_ht.c:314:Code=400,Reason=Bad Request
I worked through different forum threads but none of the problem seems to be mine. Does anybody has an idea what could cause this “Bad request” error? I saw that there were lately some issues with OCSP responses, is this maybe related to these?