Skip to content
This repository was archived by the owner on Mar 27, 2026. It is now read-only.

ocsp notes

Jump to bottom
j47996 edited this page Oct 26, 2016 · 2 revisions

LetsEncrypt is picky and wants an addition "host" arg for openssl over the set used by ocsp_fetch.pl

cd /etc/letsencrypt/live/yourdomain.com
openssl ocsp -respout ocsp.der -issuer chain.pem -cert cert.pem -url http://ocsp.int-x1.letsencrypt.org -header "HOST" "ocsp.int-x1.letsencrypt.org" -verify_other chain.pem

Clone this wiki locally