Hello! On Wed, Feb 15, 2023 at 12:25:09PM -0500, PGNet Dev wrote:
> i run > > nginx -v > nginx version: nginx/1.23.3 (Local Build) > > nginx is launched on boot with a systemd service > > my site's ssl enabled, using letsencrypt certs > > in my boot logs, i see > > Feb 15 11:54:03 svr017 nginx[912]: nginx: [warn] "ssl_stapling" > ignored, host not found in OCSP responder "r3.o.lencr.org/" in the > certificate "/sec/svr017/fullchain.ec.crt.pem" [...] > is this warning due to a nginx misconfig? or a cert issue? The error message suggests there is something wrong with DNS on your host. If this happens only on boot but not when you restart/reload nginx after boot, this might indicate that DNS is not yet properly available when nginx starts. One possible reason is that nginx systemd service is not properly configured to depend on DNS being available: for nginx to start properly you may want to ensure that there is Wants= and After= dependency on network-online.target, and After= dependency on nss-lookup.target, see nginx.service as shipped by nginx.org nginx packages[1] for an example. [1] http://hg.nginx.org/pkg-oss/file/tip/debian/debian/nginx.service -- Maxim Dounin http://mdounin.ru/ _______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
