On 6/5/2021 9:30 PM, Shawn Heisey wrote:
[WARNING] (81457) : Loading: OCSP response status not successful.
Content will be ignored.
I deleted the .ocsp file sitting next to the certificate file, and now
when I check the config file, it's says it's valid with no other messages.
root@smeagol:~# /usr/local/src/haproxy-2.4.0/haproxy -c -f
/etc/haproxy/haproxy.cfg
Configuration file is valid
root@smeagol:~#
Does 2.4 do stapling differently than 1.8 did? Where can I find some
info about that? Is my script for renewing the .ocsp file and sending
it to haproxy's socket now outdated?
I did try renewing the .ocsp file with my script and then checking the
config file, but it still gave me the warning. As it's a warning, I
could probably still get haproxy started, but unless somebody with
authority has a definitive statement telling me that it's safe to just
ignore it, I want to get rid of it.
Thanks,
Shawn
