[ipxe-devel] [https] "iPXE root CA OCSP responder" expired

Michael Brown mcb30 at ipxe.org
Wed Mar 25 14:53:42 UTC 2020

On 12/03/2020 17:20, Denis Ryabyy wrote:
> A while ago I've got https on iPXE stop to work.
> After debugging this I have:
> iPXE> chain https://google.com   <--- trying to establish any ssl connection
> X509 0xebfc4 "iPXE root CA OCSP responder" has expired (at time 1584033180)
>    Permission denied (http://ipxe.org/0216e43c)
> So I can't to use https any more. Can anyone please help to update "iPXE 
> root CA OCSP responder" ?

As per IRC:

The certificates are updated monthly, but the OCSP service was not being 
automatically restarted following the server migration.  This should now 
be fixed.


More information about the ipxe-devel mailing list