Symptoms
-
Nginx test command reports the following error:
# nginx -t
nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate "/usr/local/psa/var/certificates/scfh9k6g9bc9ao67tuaZNv"
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Cause
The OCSP stapling is enabled for the Let`s Encrypt certificate.
Since May 7, 2025, Let`s Encrypt has removed the OCSP URL from the certificates.
See more information here.
On the Plesk side we have implemented a feature with EXTSSLIT-2188 to automatically disable OCSP Stapling.
Resolution
Please consider updating your server:
Workaround
If update is not possible for some reason you may try the following
For one domain via the CLI:
# plesk ext sslit --ocsp-stapling -disable -domain example.com
For all domains via the CLI:
# plesk bin site -l | while read i; do plesk ext sslit --ocsp-stapling -disable -domain $i; done
Comments
This warning means the SSL certificate does not include an OCSP responder URL, so Nginx cannot enable OCSP stapling for it. It is not a critical error; umr insurance you can fix it by using a certificate that supports OCSP stapling or disable ssl_stapling if it is not required.
Nginx is still working correctly EdFinancial account
This warning means the SSL certificate does not include an OCSP responder URL, so Nginx cannot enable OCSP stapling for it. It is not a critical error; astute beta you can fix it by using a certificate that supports OCSP stapling or disable ssl_stapling if it is not required.
Please sign in to leave a comment.