×


How to fix OCSP SSL Certificate Stapling error

OCSP SSL Certificate Stapling error is usually triggered when trying to access a website on a web browser using SSL HTTPS protocol.

Here are Ibmi Media, as part of our Server Support Services, we regularly help our customers fix SSL related issues.

In this context we shall look into how to fix this ssl error.


More about OCSP Stapling

OCSP stands for Online Certificate Status Protocol. It helps to check the revocation status of X. 509 digital certificates. This means that a Certificate Revocation check is done when a site is accessed on a web browser
Basically, OCSP stapling enhances the OCSP protocol by improving browsing experience while using the SSL protocol.

What triggers OCSP Stapling error?

Sometimes, you might get an error while accessing SSL HTTPS enabled sites on a web browser. The error message looks like this;

"The OCSP server suggests trying again later. (Error code: sec_error_ocsp_try_server_later)"


From our experience, we noticed that there was no problem with the website but rather the web browser in the way it check revoked SSL certificates.

In cPanel control panels, this issue can be fixed by simply enabling the OCSP stapling feature.


How to solve OCSP Stapling error?

In WHM control panel, follow the steps below to resolve this issue.

1. In your WHM control panel, Go to the Apache Include Editor and Navigate to "Apache Configuration" located at the left side of the pane.
Then scroll down to "Include Editor" and click it.
Once the Include Editor is open, look at for the "Pre-VirtualHost Include" attributes area and select the area which says "I wish to edit the Pre-VirtualHost configuration include file for:".
Now scroll down to the bottom of this file and add the following lines;

SSLUseStapling on
SSLStaplingCache shmcb:/tmp/stapling_cache(128000)


Finally, you can save this file by clicking on the "Update" button.

2. Next, do a restart of Apache Web Server to effect the changes made. You can use the "Restart Apache" button available in the Include Editor section.

Need support in fixing SSL errors? We are available.


Conclusion

OCSP SSL Stapling error is usually triggered when accessing a website using https:// SSL protocol.