There is a newer OCSP response but was not provided by the server

173279834462 nginx-forum at
Wed Sep 23 18:22:17 UTC 2015

The files are correct as they are: 
ssl_trusted_certificate includes the intermediate and the root ca, 
ssl_certificate includes the server's own and the intermediate. 

The error was ... in a missing ssl_trusted_certificate directive in one of
the server clauses. A human error, undetected by nginx. To prevent 
such errors from happening, considering the complexity of certain
configurations and the possibility of human error, it would be very
useful to have a static check from nginx, at startup. 

Moving forward, server is up and running with 

> ssl_stapling on;
> ssl_stapling_verify on;

and no ssl_stapling_file. 

The last problem standing is ...
the priming of the cache for each worker process. 

When nginx starts, it should prime all of its worker processes. 

Both the above recomendations are now in the wish list. 

Thank you for the exchange. I hope it will be useful to others.

Posted at Nginx Forum:,261716,261790#msg-261790

More information about the nginx mailing list