config
OCSP stapling failure
OCSP.*response.*error|OCSP stapling.*failed
Fixes
- 1.Ensure the server can reach the CA's OCSP responder URL (check firewall/DNS)
- 2.Add resolver directive in nginx for OCSP: resolver 8.8.8.8 valid=300s
- 3.Verify the OCSP responder URL in the cert: openssl x509 -noout -ocsp_uri -in cert.pem
sslOCSPstapling
Related Errors
config3 fixes
Nginx 502 Bad Gateway - upstream unavailable
502 Bad Gateway|upstream prematurely closed connection
- •Verify the upstream server is running and listening on the expected address/port
- •Increase proxy_read_timeout and proxy_connect_timeout for slow backends
config3 fixes
Nginx 504 Gateway Timeout
504 Gateway Time-?out|upstream timed out.*reading response
- •Increase proxy_read_timeout (default 60s): proxy_read_timeout 300s
- •Optimize the backend endpoint that's taking too long to respond
config3 fixes
Nginx redirect loop
rewrite or internal redirection cycle|return 301.*too many redirects
- •Check for conflicting rewrite rules that redirect back and forth (HTTP→HTTPS→HTTP)
- •Use 'return 301' instead of 'rewrite' for simple redirects to avoid rule interaction