Your nc subdomain is configured to use a self-signed cert. Not a Let's Encrypt certificate. At least when connecting from the public internet. See: SSL Checker
I don't know how to correct your system to fix that but this has nothing to do with LE and OCSP
Maybe the NPM support forum is a better place to ask about your configuration problem.