LoopByte Official Blog

How to resolve Apache SSL website error : sec_error_ocsp_try_server_later

- Posted in Uncategorized by

Recently on one of our cPanel server we started getting error on SSL enabled sites in Firefox :-

"The OCSP server suggests trying again later. (Error code: sec_error_ocsp_try_server_later)"

All other browsers Chrome, Opera & Safari were not suffering from same issue. There were a few results in Google about same problem however none of them had actual fix. Only a temporary fix about disabling "OCSP server query" option in Firefox was shared but it wasn't a viable option since we can not ask each and every visitor to change their browser setting, also when disabled it worked for a while then again started generating the error.

After digging deeper we concluded that the recent Apache upgrade from 2.2 to 2.4 has started creating the problem. Apparently the SSL Stapling support introduced in Apache 2.4 has issues.

If you are having same issue then you can follow below given steps to safely disable the SSL Stapling on cPanel Servers :

Edit /usr/local/apache/conf/includes/pre_virtualhost_global.conf

The same file can also be modified from WHM - Apache Include Editor

And insert :

SSLUseStapling off

Restart Apache to reload the changes :

Service httpd restart

Comments