- These instructions are intended specifically for solving the error: “sec_error_ocsp_try_server_later”.
- This error can be displayed anytime a user visits a secure website using the https:// protocol in Firefox or Internet Explorer. It does not indicate a problem with the site itself, but occurs due to a change in the method these specific browsers use to check for revoked SSL certificates.
- We’ll be logging into WebHost Manager as root to resolve the error.
Certificate revocation checks can help prevent you from accidentally visiting a site that’s using a compromised security certificate. Historically, the web browser typically would check a Certificate Revocation List directly. But the newer process, known as OCSP stapling, relies on the web server to make the check and pass along the Certificate Authority’s cached response to the browser. Because this is a newer process and not yet an Internet standard, some servers may require a minor configuration change in order to comply with the browser’s request. If you see this error when connecting to a site on your cPanel server, you can easily enable OCSP stapling on your server directly from WHM.
Step #1: Open the Apache Include Editor in WHM
- In WHM, locate and select Apache Configuration in the left menu (you can start typing “apache” to quickly narrow down the choices) to open the Apache Configuration page.
- Scroll down to Include Editor and click on it.
- On the Include Editor page, scroll down to the Pre VirtualHost Include section and select All Versions underneath “I wish to edit the Pre VirtualHost configuration include file for:”
- Scroll past any directives that may be listed in the include, and add the following two lines at the very bottom:
SSLStaplingCache shmcb:/tmp/stapling_cache(128000)Note: Do not edit or alter any other directives that may be listed; make sure you’re simply adding the two lines above to the very bottom of the file.
- Click on the blue Update at the bottom to save the include file.
Step #2: Restart Apache to Apply the Settings
All you need to do to apply the new settings is to restart Apache. WHM makes that easier by presenting you with a Restart Apache button once you’ve saved your changes in the previous step.
Tagged with: apache • cpanel • firefox • https