Forum Discussion

Nimbostratus

Oct 08, 2009

OCSP responder trouble shooting

One of our test server is having trouble to initiate an OCSP check. The authentication status value is always misleading 1. However, from the tcp trace, we have noticed that there has been no traffic ...

config

design

hoolio

Cirrostratus

Oct 08, 2009

There are also two related fixes available in a hotfix for 9.4.8 for OCSP functionality that may help you:

CR125264 - HTTP::respond should be allowed in CLIENTSSL_HANDSHAKE

CR126501 - OCSP AUTH iRules need to detect server down vs. bad cert

CR126501 in particular may help you troubleshoot. You could contact F5 Support to get details on these issues.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

OCSP responder trouble shooting

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

Big-Ip Edge Client specials characters problems

Which encyrtion algorithm is used when making Kerberos ticket encyrtion.

iControl for Gtm wideip

About F5 idle timeout and keep-alive

Problem with sending BotDefense logs to remote server

Related Content

Trouble applying GoDaddy certificate to a virtual server

OCSP Responder

Trouble with TCP::option set 28

Trouble redirecting on APM rejection.

Change cookie domain in HTTP::respond

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS