Firefox OCSP Error

Dan Garrow

• January 24, 2017 16:15

Hello, We have been receiving intermittent SEC_ERROR_OCSP_TRY_SERVER_LATER errors in Firefox since update to WHM 60.0.34 with Comodo certificates installed via AutoSSL.
[Tue Jan 24 15:45:19.929425 2017] [ssl:error] [pid 1576:tid 139648267380480] [client XXX.XXX.XXX.XXX:51539] AH01980: bad response from OCSP server: 307 Temporary Redirect [Tue Jan 24 15:45:19.929512 2017] [ssl:error] [pid 1576:tid 139648267380480] AH01941: stapling_renew_response: responder error
We have tried SSLStaplingFakeTryLater off in "Pre VirtualHost Include" section in "WHM Home " Service Configuration " Apache Configuration " Include Editor" and the intermittent issue persists. httpd.conf
SSLUseStapling on SSLStaplingCache shmcb:/var/run/apache2/stapling_cache_shmcb(256000) # Prevent browsers from failing if an OCSP server is temporarily broken. SSLStaplingReturnResponderErrors off SSLStaplingErrorCacheTimeout 60 SSLSessionCache shmcb:/var/run/apache2/ssl_gcache_data_shmcb(1024000) SSLSessionCache dbm:/var/run/apache2/ssl_gcache_data_dbm SSLSessionCacheTimeout 300 Mutex file:/var/run/apache2 ssl-cache SSLRandomSeed startup builtin SSLRandomSeed connect builtin AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl
CENTOS 6.8 x86-64 WHM 60.0 (build 35) Server Version: Apache/2.4.25 (cPanel) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Thank you

• 

  cPanelMichael

  • January 25, 2017 14:30

  [Tue Jan 24 15:45:19.929425 2017] [ssl:error] [pid 1576:tid 139648267380480] [client XXX.XXX.XXX.XXX:51539] AH01980: bad response from OCSP server: 307 Temporary Redirect

  
  Hello, Do you have any firewall rules enabled on this system? If so, could you review your firewall logs for the time referenced in the log output above to see if you notice any activity related to this connection request to the OCSP server? Thank you.

  0

Please sign in to leave a comment.