bogus OCSP response not updated #509

Closed
opened 2025-12-29 01:26:28 +01:00 by adam · 1 comment
Owner

Originally created by @bjacke on GitHub (Dec 3, 2020).

Currently Let's Encrypt has an issue delivering the correct OCSP response after a certificate was issued. dehydrated returns in such cases:

  • Updating OCSP stapling file
    OCSP single response: Certificate ID does not match any certificate or issuer.

If you run dehydrated again after that, it does not see that the OCSP response is invalid and should be updated:

  • OCSP stapling file is still valid (skipping update)

It should see that the OCSP response does not match the current certificate and try to fetch a valid response instead.

adam closed this issue 2025-12-29 01:26:28 +01:00
Author
Owner

@bjacke commented on GitHub (Dec 10, 2020):

Sorry, it turned out that this was an HAProxy OCSP problem here; dehydrated is actually doing everything right here and checks that the OCSP response is the right one.
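
As an added example (not code from dehydrated, HAProxy or this thread), a shell check that a cached stapling file actually carries a status for the certificate it is deployed with, which is the condition the report above is about. The function names, file names and the throwaway CA are assumptions.

```shell
#!/bin/sh
# Added example. Function names, file names and the test CA are assumptions.

# staple_status CERT ISSUER RESP: does the cached OCSP response RESP carry a
# status for CERT? Prints good | mismatch | stale | other; returns 0 for good.
# -noverify skips the signature check so the example isolates the ID match;
# a deployment check would also verify the response against the issuer chain.
staple_status() {
    out=$(openssl ocsp -no_nonce -noverify -issuer "$2" -cert "$1" \
          -respin "$3" 2>&1)
    case "$out" in
        *"No Status found"*)      echo mismatch; return 1 ;;
        *"Status times invalid"*) echo stale;    return 1 ;;
        *"$1: good"*)             echo good ;;
        *)                        echo other;    return 1 ;;
    esac
}

# Constructed fixtures: throwaway CA, two leaf certificates, and one OCSP
# response that was issued for leaf1 only.
make_fixtures() (
    cd "$1" || exit 1
    openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem \
        -subj "/CN=Constructed Test CA" -days 2 2>/dev/null
    for n in 1 2; do
        openssl req -newkey rsa:2048 -nodes -keyout "leaf$n.key" \
            -out "leaf$n.csr" -subj "/CN=leaf$n.example" 2>/dev/null
        openssl x509 -req -in "leaf$n.csr" -CA ca.pem -CAkey ca.key \
            -set_serial "$n" -days 1 -out "leaf$n.pem" 2>/dev/null
    done
    printf 'V\t491231235959Z\t\t01\tunknown\t/CN=leaf1.example\n' > index.txt
    openssl ocsp -no_nonce -issuer ca.pem -cert leaf1.pem -reqout req.der
    openssl ocsp -index index.txt -CA ca.pem -rsigner ca.pem -rkey ca.key \
        -reqin req.der -respout leaf1.ocsp -ndays 1 >/dev/null 2>&1
)

work=$(mktemp -d)   # left in place so the fixtures can be inspected
make_fixtures "$work"
for leaf in leaf1 leaf2; do
    echo "$leaf served with leaf1.ocsp: $(staple_status \
        "$work/$leaf.pem" "$work/ca.pem" "$work/leaf1.ocsp")"
done
```

A response that is still inside its validity window but was issued for a different certificate reports `mismatch` here, so a freshness check alone would not catch it.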

Reference: starred/dehydrated#509