Forum Discussion
Troubleshooting OCSP Stapling & error : OCSP failure on profile
I had this same issue after upgrading my lab system to version 12. A bit of googling found only this thread. A bit of backend searching found the solution is to change it to 7 days (in seconds) = 604800
Once I did that all is well again - Yahoo
According to the following SOL article, F5 now accepts new Status Age parameters: SOL16810: The Status Age parameter of the OCSP Stapling profile has new default value and acceptable range https://support.f5.com/kb/en-us/solutions/public/16000/800/sol16810.html?sr=50661207
- Nicolas_COLLET, Jul 05, 2016 (Nimbostratus)
Hi, I found another post on DevCentral that talks about this: https://devcentral.f5.com/questions/ocsp-stapling-37098 It explains the same thing. I updated the Status Age to 7 days and it worked after that.

I opened a support case and they explained this:

"We've found out that the issue could be related to the 'status age' parameter in the OCSP_Stapling_Thawte profile, set by default to 1 day (86400 seconds). The errors mentioned in the logs are produced when an expired response is received from the OCSP responder. Our recommendation for the moment is to set it to 7 days and perform the test again."

And after:

"I think that the key thing is how the status_age parameter is used. It's simply a mechanism by which the system can forcibly enforce a lifetime on responses, including those that omit the nextUpdate. In fact, OCSP implementations in other systems allow disabling the status_age parameter (but that's not allowed on F5).

Apache: https://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslstaplingresponsemaxage
nginx: http://hg.nginx.org/nginx/file/973fded4f461/src/event/ngx_event_openssl_stapling.c#l625

According to the following SOL article, F5 now accepts new Status Age parameters: SOL16810: The Status Age parameter of the OCSP Stapling profile has new default value and acceptable range https://support.f5.com/kb/en-us/solutions/public/16000/800/sol16810.html?sr=50661207

I think that the best way to approach this right now is to try to reproduce the issue while performing a packet capture (to capture client, VIP, DNS resolver and OCSP responder traffic) with the debugging option enabled on the BIG-IP side. This would allow us to identify the failing response. Afterwards, please consider applying the workaround and increasing the OCSP Status Age parameter (while capturing data) to see if the issue is still there."
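To make the support explanation above concrete, here is an added illustration (not code from this thread, from F5, or from the Apache/nginx sources linked) of what a status-age limit does to a stapled OCSP response. The check is modelled on OpenSSL's OCSP_check_validity(thisUpdate, nextUpdate, skew, maxsec) semantics, which is what Apache's SSLStaplingResponseMaxAge relies on; that BIG-IP applies exactly the same rules, the 300-second clock-skew tolerance, and the sample timestamps are all assumptions made for the example.

```python
"""Freshness check for a stapled OCSP response under a status-age limit.

Added illustration; not code from this thread or from F5. Modelled on
OpenSSL's OCSP_check_validity() semantics; the exact BIG-IP implementation
is an assumption.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple

OLD_DEFAULT_STATUS_AGE = 86400     # 1 day, the profile default discussed in the thread
WORKAROUND_STATUS_AGE = 604800     # 7 days, the value that made the error go away
CLOCK_SKEW = 300                   # assumed tolerance for responder/BIG-IP clock drift


@dataclass(frozen=True)
class SingleResponse:
    """The two timestamps from an OCSP SingleResponse (RFC 6960 section 4.2.1)."""
    this_update: datetime
    next_update: Optional[datetime]   # OPTIONAL in the ASN.1; some responders omit it


def check_freshness(resp: SingleResponse, now: datetime, status_age: int,
                    skew: int = CLOCK_SKEW) -> Tuple[bool, str]:
    """Return (fresh, reason).

    A response is stale if thisUpdate is unreasonably far in the future,
    if nextUpdate is present and has already passed, or if thisUpdate is
    older than status_age seconds. The last rule is what gives a response
    without nextUpdate a bounded lifetime, and it is the rule that bites
    when the responder re-signs its responses less often than status_age.
    """
    age = (now - resp.this_update).total_seconds()
    if age < -skew:
        return False, "thisUpdate is in the future (clock skew?)"
    if resp.next_update is not None and now > resp.next_update + timedelta(seconds=skew):
        return False, "nextUpdate has passed"
    if age > status_age + skew:
        return False, f"thisUpdate is {int(age)}s old, limit is {status_age}s"
    return True, "fresh"


def compare_limits(resp: SingleResponse, now: datetime) -> dict:
    """The same response evaluated under the 1-day default and the 7-day workaround."""
    return {
        "default_1d": check_freshness(resp, now, OLD_DEFAULT_STATUS_AGE)[0],
        "workaround_7d": check_freshness(resp, now, WORKAROUND_STATUS_AGE)[0],
    }


# Constructed sample: the responder last signed 3 days ago and omitted nextUpdate.
NOW = datetime(2016, 7, 5, 12, 0, tzinfo=timezone.utc)
THREE_DAY_OLD_NO_NEXTUPDATE = SingleResponse(
    this_update=NOW - timedelta(days=3),
    next_update=None,
)
# Constructed sample: signed 3 days ago with a nextUpdate that has already passed.
EXPIRED_NEXTUPDATE = SingleResponse(
    this_update=NOW - timedelta(days=3),
    next_update=NOW - timedelta(hours=1),
)

if __name__ == "__main__":
    print("no nextUpdate, 3 days old:", compare_limits(THREE_DAY_OLD_NO_NEXTUPDATE, NOW))
    print("nextUpdate passed:", compare_limits(EXPIRED_NEXTUPDATE, NOW))
```

The first sample is the situation the support engineer describes: a response that carries no nextUpdate is rejected under the 1-day limit purely because thisUpdate is older than status_age, and accepted once the limit is 7 days. The second sample shows that raising status_age does not rescue a response whose nextUpdate has genuinely passed, so if the error persists after the change the packet capture suggested above is the right next step. Keep in mind the trade-off: a longer status age also means a "good" response for a certificate that was revoked after thisUpdate can keep being stapled for up to that long.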