OCSP_check_validity() status expired

ionsec nginx-forum at nginx.us
Wed Dec 24 13:05:38 UTC 2014

hi khav,

try adding the following lines to your nginx website configuration file:

        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /etc/nginx/my_ssl_certs/ca-bundle.pem;
# note the PEM encoded X509 ca-bundle file should contain the ssl
# chain bundle (i.e. domain and intermediate CA certs)
        resolver valid=300s;
        resolver_timeout 5s;



Posted at Nginx Forum: http://forum.nginx.org/read.php?2,255769,255770#msg-255770

More information about the nginx mailing list