
Fix OCSP response handling errors with Let's Encrypt #4

Merged
merged 4 commits into from Jul 17, 2021

Conversation

airtower-luna
Owner

@airtower-luna airtower-luna commented Jul 10, 2021

  • Use SHA1 for issuer name hash and issuer key hash. Some CAs (notably Let's Encrypt) support only SHA1. Support for that is required by RFC 5019 and referenced in CAB Forum Baseline Requirements, too. This particular hash doesn't need to be cryptographically secure, so switching to SHA1 is the simplest solution.
  • Ensure the path in the HTTP request header is never empty, set / if the OCSP URI doesn't provide a path.
  • Use gnutls_ocsp_resp_verify_direct() to verify OCSP responses, sidestepping the complexity of trust lists.

Fixes #3.

Apxs adds flags from the Apache build it is from, and those might not
work in some cases, for example if a different compiler was used.

Some CAs (notably Let's Encrypt) support only SHA1. Support for that
is required by RFC 5019 [1] and referenced in CAB Forum Baseline
Requirements, too. This particular hash doesn't need to be
cryptographically secure, so switching to SHA1 is the simplest
solution.

[1] https://datatracker.ietf.org/doc/html/rfc5019#section-2.1.1
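
The first two fixes listed above in working form, as an added example in Python (not mod_gnutls code, which is C against GnuTLS): a minimal DER encoder that builds an OCSPRequest whose CertID uses SHA-1, and the HTTP/1.0 POST that carries it with the request-target defaulting to `/` when the responder URI has no path. The issuer hashes, serial number and nonce are copied from the OpenSSL capture Forza-tng posts later in this thread, so `captured_request()` reproduces the 122-byte body seen on the wire; `der_tlv`, `issuer_hashes`, `build_ocsp_request` and `ocsp_post` are names chosen for this example. Response verification (the `gnutls_ocsp_resp_verify_direct()` point) is out of scope here.

```python
"""OCSP request construction and the HTTP/1.0 POST that carries it.

Added example, not mod_gnutls code; standard library only. The CertID uses
SHA-1, which RFC 5019 section 2.1.1 requires clients to use, and the
request-target defaults to "/" when the responder URI has no path.
R3_NAME_HASH, R3_KEY_HASH, CAPTURED_SERIAL and CAPTURED_NONCE are copied
from the OpenSSL capture in this thread, so captured_request() reproduces
the 122-byte body seen on the wire.
"""
import hashlib
from urllib.parse import urlsplit

OID_SHA1 = bytes.fromhex("2b0e03021a")                 # 1.3.14.3.2.26
OID_OCSP_NONCE = bytes.fromhex("2b0601050507300102")   # 1.3.6.1.5.5.7.48.1.2


def der_tlv(tag: int, body: bytes) -> bytes:
    """One DER element: tag, definite length (short or long form), contents."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        size = (n.bit_length() + 7) // 8
        length = bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + length + body


def der_integer(value: int) -> bytes:
    """DER INTEGER in minimal two's complement: a serial whose top bit is set
    gets a leading 0x00 so it is not read back as negative."""
    if value < 0:
        raise ValueError("certificate serial numbers are non-negative")
    return der_tlv(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))


def issuer_hashes(issuer_name_der: bytes, issuer_public_key_bits: bytes):
    """issuerNameHash and issuerKeyHash per RFC 6960 4.1.1: SHA-1 over the
    issuer's DER-encoded Name and over the contents of its subjectPublicKey
    BIT STRING (unused-bits byte excluded). The caller takes both from its
    X.509 parser. Collision resistance is irrelevant here: the hashes only
    tell the responder which issuer the serial number belongs to."""
    return (hashlib.sha1(issuer_name_der).digest(),
            hashlib.sha1(issuer_public_key_bits).digest())


def build_ocsp_request(name_hash: bytes, key_hash: bytes, serial: int,
                       nonce: bytes = b"") -> bytes:
    """DER OCSPRequest with one CertID and an optional id-pkix-ocsp-nonce
    (both captures in this thread carry a nonce)."""
    if len(name_hash) != 20 or len(key_hash) != 20:
        raise ValueError("SHA-1 CertID hashes must be 20 bytes")
    alg_sha1 = der_tlv(0x30, der_tlv(0x06, OID_SHA1) + b"\x05\x00")  # NULL params
    cert_id = der_tlv(0x30, alg_sha1 + der_tlv(0x04, name_hash)
                      + der_tlv(0x04, key_hash) + der_integer(serial))
    tbs = der_tlv(0x30, der_tlv(0x30, cert_id))          # requestList: one Request
    if nonce:
        # extnValue is an OCTET STRING whose contents are the DER of the
        # nonce, itself an OCTET STRING, hence the double wrapping.
        ext = der_tlv(0x30, der_tlv(0x06, OID_OCSP_NONCE)
                      + der_tlv(0x04, der_tlv(0x04, nonce)))
        tbs += der_tlv(0xA2, der_tlv(0x30, ext))         # [2] EXPLICIT requestExtensions
    return der_tlv(0x30, der_tlv(0x30, tbs))             # OCSPRequest { TBSRequest }


def ocsp_post(uri: str, body: bytes) -> bytes:
    """HTTP/1.0 POST to the responder. The request-target must not be empty,
    so an AIA URI without a path (http://r3.o.lencr.org) is sent as "/"."""
    u = urlsplit(uri)
    if u.scheme != "http" or not u.hostname:
        raise ValueError("OCSP responder URI must be absolute http://")
    target = u.path or "/"
    if u.query:
        target += "?" + u.query
    host = u.hostname if u.port in (None, 80) else f"{u.hostname}:{u.port}"
    head = (f"POST {target} HTTP/1.0\r\nHost: {host}\r\n"
            "Content-Type: application/ocsp-request\r\n"
            "Accept: application/ocsp-response\r\n"
            f"Content-Length: {len(body)}\r\n\r\n")
    return head.encode("ascii") + body


# Values copied from the OpenSSL capture in this thread (issuer: Let's Encrypt R3).
R3_NAME_HASH = bytes.fromhex("48dac9a0fb2bd32d4ff0de68d2f567b735f9b3c4")
R3_KEY_HASH = bytes.fromhex("142eb317b75856cbae500940e61faf9d8b14c2c6")
CAPTURED_SERIAL = 0x04A22FEAC6122CED6EA93EA2F95E61E745B8
CAPTURED_NONCE = bytes.fromhex("9c2b853f0b01fa27fabe52443ffc09ab")


def captured_request() -> bytes:
    """The request body OpenSSL sent in the capture, rebuilt from its fields."""
    return build_ocsp_request(R3_NAME_HASH, R3_KEY_HASH, CAPTURED_SERIAL, CAPTURED_NONCE)


if __name__ == "__main__":
    req = ocsp_post("http://r3.o.lencr.org", captured_request())
    head, _, body = req.partition(b"\r\n\r\n")
    print(head.decode("ascii"))
    print(body.hex())
```

Running the block prints the same `POST / HTTP/1.0` header OpenSSL sent and the 122-byte DER body from the capture. The URI check deliberately accepts only `http://`: responders are addressed that way in the AIA extension, and the response is protected by the CA's signature rather than by the transport.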
@Forza-tng

Forza-tng commented Jul 10, 2021

I've tried the fix against mod_gnutls-0.11 and installed the new mod_gnutls.so but I'm still getting an error and a warning.

File: ssl_error

[Sat Jul 10 19:06:15.759102 2021] [gnutls:error] [pid 33132:tid 139737742427712] Invalid HTTP response status from r3.o.lencr.org: HTTP/1.0 400 Bad Request            
[Sat Jul 10 19:06:15.759220 2021] [gnutls:error] [pid 33132:tid 139737742427712] (104)Connection reset by peer: [client 192.168.0.126:44698] Caching a fresh OCSP response failed

File: tnonline.net-access_log

[Sat Jul 10 19:04:47.235441 2021] [gnutls:warn] [pid 33096:tid 139738245457792] Could not create OCSP stapling configuration for certificate 1 in chain (CN=R3,O=Let's Encrypt,C=US): No OCSP URI in the certificate nor a GnuTLSOCSPResponseFile setting, cannot configure OCSP stapling.
[Sat Jul 10 19:04:47.290615 2021] [gnutls:warn] [pid 33097:tid 139738245457792] Could not create OCSP stapling configuration for certificate 1 in chain (CN=R3,O=Let's Encrypt,C=US): No OCSP URI in the certificate nor a GnuTLSOCSPResponseFile setting, cannot configure OCSP stapling.

File: vhost.conf

<VirtualHost *:443>
Protocols       h2 h2c http/1.1                                                        
H2EarlyHints    on                                                                     
ServerName      tnonline.net                                                           
DocumentRoot    /var/www/domains/tnonline.net/htdocs/nextcloud                         
CustomLog       "/var/log/apache2/tnonline.net-access_log" vhost_combined              
ErrorLog        "/var/log/apache2/tnonline.net-error_log"
...

GnuTLSCertificateFile   /etc/letsencrypt/live/tnonline.net/fullchain.pem               
GnuTLSKeyFile           /etc/letsencrypt/live/tnonline.net/privkey.pem                 
Include                 /etc/letsencrypt/options-ssl-apache.conf

File: options-ssl-apache.conf

GnuTLSEnable on                                                                        
GnuTLSPriorities PFS:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2
GnuTLSDHFile /etc/letsencrypt/dhparam_4096_gnutls.pem

File: 47_mod_gnutls.conf

<IfDefine GNUTLS>
LoadModule gnutls_module  modules/mod_gnutls.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
GnuTLSCache shmcb:/var/run/ssl_scache(512000)
</IfDefine>

Is there something else I am missing? I thought that GnuTLSOCSPResponseFile was an optional setting, but perhaps it isn't?

@airtower-luna
Owner Author

Is there something else I am missing? I thought that GnuTLSOCSPResponseFile was an optional setting, but perhaps it isn't?

That setting is optional as long as your certificate contains the responder URL. The warning that mentions it is about an intermediate CA higher up the chain, and basically means mod_gnutls won't be able to staple an OCSP response for that CA certificate. It should still work for the server.

It's hard for me to guess what other constraints the Let's Encrypt responder might enforce. I wonder if there is any error message in the HTTP response? It's not logged currently, but you should be able to see it in a packet capture, or I could give you a patch that logs it (which I wouldn't want to do in production).

I'll try to go through RFC 5019 to see if there are other MUSTs that mod_gnutls should implement, but that won't tell me what Let's Encrypt actually enforces.
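
What a bounded diagnostic for the non-200 case could look like, as an added example in Python (not mod_gnutls code): parse the responder's HTTP reply, enforce Content-Length and Content-Type before the body reaches the OCSP verifier, and for an error status keep only a short printable excerpt of the body, so the responder's reason reaches the log without a remote server being able to write arbitrary bytes or megabytes of HTML into it. The 400 reply is reconstructed byte for byte from the capture Forza-tng posts below; the 200 and truncated replies are constructed, and `parse_http_response`, `ocsp_response_body` and `describe` are names chosen for this example. It assumes the request was HTTP/1.0, as in both captures, so no chunked transfer coding has to be handled.

```python
"""Validate the HTTP layer of an OCSP fetch and keep a bounded, sanitised
excerpt of any error body for the log.

Added example, not mod_gnutls code; standard library only. Assumes the
request was HTTP/1.0 (as in both captures in this thread), so the reply is
either Content-Length delimited or ends when the connection closes, never
chunked. BAD_REQUEST_400 is reconstructed from the captured 400 reply;
GOOD_200 and TRUNCATED_200 are constructed.
"""


class OcspHttpError(Exception):
    """Any HTTP-level problem; the message is safe to write to the log."""


def parse_http_response(raw: bytes):
    """Split an HTTP/1.x response into (status, headers, body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise OcspHttpError("incomplete response: end of headers not found")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/1.") or not parts[1].isdigit():
        raise OcspHttpError(f"malformed status line: {lines[0][:80]!r}")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if colon:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers, body


def _excerpt(body: bytes, limit: int) -> str:
    """Printable ASCII only, bounded length: the responder must not be able to
    inject control sequences or unbounded data into the server's error log."""
    text = body[:limit].decode("ascii", "replace")
    return "".join(c if 0x20 <= ord(c) < 0x7F else "." for c in text)


def ocsp_response_body(raw: bytes, diag_limit: int = 120) -> bytes:
    """Return the DER OCSPResponse carried by a 200 reply, or raise OcspHttpError."""
    status, headers, body = parse_http_response(raw)
    if "content-length" in headers:
        try:
            expected = int(headers["content-length"])
        except ValueError:
            raise OcspHttpError("malformed Content-Length") from None
        if len(body) < expected:
            raise OcspHttpError(f"incomplete response: {len(body)} of {expected} body bytes")
        body = body[:expected]
    if status != 200:
        # This is the part the thread is missing: the 400 page from
        # r3.o.lencr.org explains itself, but only if an excerpt is logged.
        raise OcspHttpError(f"HTTP {status}: {_excerpt(body, diag_limit)}")
    ctype = headers.get("content-type", "").split(";", 1)[0].strip().lower()
    if ctype != "application/ocsp-response":
        raise OcspHttpError(f"unexpected Content-Type {ctype!r}")
    if not body.startswith(b"\x30"):           # OCSPResponse is a DER SEQUENCE
        raise OcspHttpError("body does not start with a DER SEQUENCE")
    return body


def describe(raw: bytes) -> str:
    """One-line summary in the form a log message would take."""
    try:
        return f"ok: {len(ocsp_response_body(raw))} bytes"
    except OcspHttpError as e:
        return f"error: {e}"


# Reconstructed from the 400 reply in the mod_gnutls capture in this thread.
BAD_REQUEST_400 = (
    b"HTTP/1.0 400 Bad Request\r\nServer: AkamaiGHost\r\nMime-Version: 1.0\r\n"
    b"Content-Type: text/html\r\nContent-Length: 216\r\n"
    b"Expires: Sun, 11 Jul 2021 10:22:07 GMT\r\nDate: Sun, 11 Jul 2021 10:22:07 GMT\r\n"
    b"Connection: close\r\n\r\n"
    b"<HTML><HEAD>\n<TITLE>Bad Request</TITLE>\n</HEAD><BODY>\n<H1>Bad Request</H1>\n"
    b"Your browser sent a request that this server could not understand.<P>\n"
    b"Reference&#32;&#35;7&#46;ecf01502&#46;1625998927&#46;0\n</BODY>\n</HTML>\n")

# Constructed: the body is a minimal OCSPResponse { responseStatus unauthorized(6) },
# enough to pass the HTTP checks, not a signed response.
GOOD_200 = (b"HTTP/1.0 200 OK\r\nContent-Type: application/ocsp-response\r\n"
            b"Content-Length: 5\r\nConnection: close\r\n\r\n\x30\x03\x0a\x01\x06")

# Constructed: Content-Length promises 503 bytes but the connection dropped early.
TRUNCATED_200 = (b"HTTP/1.0 200 OK\r\nContent-Type: application/ocsp-response\r\n"
                 b"Content-Length: 503\r\n\r\n\x30\x82\x01\xf3")

if __name__ == "__main__":
    for raw in (BAD_REQUEST_400, GOOD_200, TRUNCATED_200):
        print(describe(raw))
```

The excerpt is capped at 120 bytes and reduced to printable ASCII on purpose: that is enough to read "Bad Request ... Reference #7.ecf01502" from the captured page, while keeping the log line's size and content under the server's control rather than the responder's.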

@Forza-tng

Forza-tng commented Jul 11, 2021

I wonder if there is any error message in the HTTP response?

The response is BAD REQUEST. I think it is missing a / in the Request URI, as we see from comparing mod_gnutls with OpenSSL.

mod_gnutls HTTP request

Hypertext Transfer Protocol
    POST  HTTP/1.0\r\n
        Request Method: POST
        Request URI: 
        Request Version: HTTP/1.0
    Host: r3.o.lencr.org\r\n
    Content-Type: application/ocsp-request\r\n
    Accept: application/ocsp-response\r\n
    Content-Length: 129\r\n
        [Content length: 129]
    \r\n
    [Full request URI: http://r3.o.lencr.org]
    [HTTP request 1/1]
    [Response in frame: 7]
    File Data: 129 bytes

OpenSSL HTTP request

Hypertext Transfer Protocol
    POST / HTTP/1.0\r\n
        Request Method: POST
        Request URI: /
        Request Version: HTTP/1.0
    Host: r3.o.lencr.org\r\n
    Content-Type: application/ocsp-request\r\n
    Content-Length: 122\r\n
        [Content length: 122]
    \r\n
    [Full request URI: http://r3.o.lencr.org/]
    [HTTP request 1/1]
    [Response in frame: 6]
    File Data: 122 bytes

mod_gnutls full packet dump:

request
No.     Time           Source                Destination           Protocol Length Info
      6 0.054001155    2001:470:28:704::1    2a02:26f0:41::215:f0f0 OCSP     201    Request

Frame 6: 201 bytes on wire (1608 bits), 201 bytes captured (1608 bits) on interface he-ipv6, id 0
    Interface id: 0 (he-ipv6)
        Interface name: he-ipv6
    Encapsulation type: Raw IP (7)
    Arrival Time: Jul 11, 2021 12:22:07.597453913 CEST
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1625998927.597453913 seconds
    [Time delta from previous captured frame: 0.000045285 seconds]
    [Time delta from previous displayed frame: 0.000045285 seconds]
    [Time since reference or first frame: 0.054001155 seconds]
    Frame Number: 6
    Frame Length: 201 bytes (1608 bits)
    Capture Length: 201 bytes (1608 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: raw:ipv6:tcp:http:ocsp:ocsp]
    [Coloring Rule Name: HTTP]
    [Coloring Rule String: http || tcp.port == 80 || http2]
Raw packet data
Internet Protocol Version 6, Src: 2001:470:28:704::1, Dst: 2a02:26f0:41::215:f0f0
    0110 .... = Version: 6
    .... 0000 0010 .... .... .... .... .... = Traffic Class: 0x02 (DSCP: CS0, ECN: ECT(0))
        .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
        .... .... ..10 .... .... .... .... .... = Explicit Congestion Notification: ECN-Capable Transport codepoint '10' (2)
    .... .... .... 0011 0010 1000 0111 1110 = Flow Label: 0x3287e
    Payload Length: 161
    Next Header: TCP (6)
    Hop Limit: 64
    Source Address: 2001:470:28:704::1
    Destination Address: 2a02:26f0:41::215:f0f0
Transmission Control Protocol, Src Port: 58212, Dst Port: 80, Seq: 137, Ack: 1, Len: 129
    Source Port: 58212
    Destination Port: 80
    [Stream index: 0]
    [TCP Segment Len: 129]
    Sequence Number: 137    (relative sequence number)
    Sequence Number (raw): 4099363138
    [Next Sequence Number: 266    (relative sequence number)]
    Acknowledgment Number: 1    (relative ack number)
    Acknowledgment number (raw): 218011408
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 511
    [Calculated window size: 65408]
    [Window size scaling factor: 128]
    Checksum: 0x707e [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - Timestamps: TSval 1898260024, TSecr 4128685163
            Kind: Time Stamp Option (8)
            Length: 10
            Timestamp value: 1898260024
            Timestamp echo reply: 4128685163
    [SEQ/ACK analysis]
        [iRTT: 0.027036546 seconds]
        [Bytes in flight: 129]
        [Bytes sent since last PSH flag: 129]
    [Timestamps]
        [Time since first frame in this TCP stream: 0.054001155 seconds]
        [Time since previous frame in this TCP stream: 0.000045285 seconds]
    TCP payload (129 bytes)
    TCP segment data (129 bytes)
[2 Reassembled TCP Segments (265 bytes): #4(136), #6(129)]
    [Frame: 4, payload: 0-135 (136 bytes)]
    [Frame: 6, payload: 136-264 (129 bytes)]
    [Segment count: 2]
    [Reassembled TCP length: 265]
    [Reassembled TCP Data: 504f53542020485454502f312e300d0a486f73743a2072332e6f2e6c656e63722e6f7267…]
Hypertext Transfer Protocol
    POST  HTTP/1.0\r\n
        [Expert Info (Chat/Sequence): POST  HTTP/1.0\r\n]
            [POST  HTTP/1.0\r\n]
            [Severity level: Chat]
            [Group: Sequence]
        Request Method: POST
        Request URI: 
        Request Version: HTTP/1.0
    Host: r3.o.lencr.org\r\n
    Content-Type: application/ocsp-request\r\n
    Accept: application/ocsp-response\r\n
    Content-Length: 129\r\n
        [Content length: 129]
    \r\n
    [Full request URI: http://r3.o.lencr.org]
    [HTTP request 1/1]
    [Response in frame: 7]
    File Data: 129 bytes
Online Certificate Status Protocol
    tbsRequest
        requestList: 1 item
            Request
                reqCert
                    hashAlgorithm (SHA-1)
                        Algorithm Id: 1.3.14.3.2.26 (SHA-1)
                    issuerNameHash: 48dac9a0fb2bd32d4ff0de68d2f567b735f9b3c4
                    issuerKeyHash: 142eb317b75856cbae500940e61faf9d8b14c2c6
                    serialNumber: 0x03959f083f0dc52f537a97c62241aea1daae
        requestExtensions: 1 item
            Extension
                Id: 1.3.6.1.5.5.7.48.1.2 (id-pkix-ocsp-nonce)
                ReOcspNonce: 560414ff133da3ca6810a34c7fd858cc82fe3ac5baf45d

Frame (201 bytes):
0000  60 23 28 7e 00 a1 06 40 20 01 04 70 00 28 07 04   `#(~...@ ..p.(..
0010  00 00 00 00 00 00 00 01 2a 02 26 f0 00 41 00 00   ........*.&..A..
0020  00 00 00 00 02 15 f0 f0 e3 64 00 50 f4 57 51 42   .........d.P.WQB
0030  0c fe 97 10 80 18 01 ff 70 7e 00 00 01 01 08 0a   ........p~......
0040  71 25 26 38 f6 16 bc 6b 30 7f 30 7d 30 4f 30 4d   q%&8...k0.0}0O0M
0050  30 4b 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 48   0K0...+........H
0060  da c9 a0 fb 2b d3 2d 4f f0 de 68 d2 f5 67 b7 35   ....+.-O..h..g.5
0070  f9 b3 c4 04 14 14 2e b3 17 b7 58 56 cb ae 50 09   ..........XV..P.
0080  40 e6 1f af 9d 8b 14 c2 c6 02 12 03 95 9f 08 3f   @..............?
0090  0d c5 2f 53 7a 97 c6 22 41 ae a1 da ae a2 2a 30   ../Sz.."A.....*0
00a0  28 30 26 06 09 2b 06 01 05 05 07 30 01 02 04 19   (0&..+.....0....
00b0  04 17 56 04 14 ff 13 3d a3 ca 68 10 a3 4c 7f d8   ..V....=..h..L..
00c0  58 cc 82 fe 3a c5 ba f4 5d                        X...:...]
Reassembled TCP (265 bytes):
0000  50 4f 53 54 20 20 48 54 54 50 2f 31 2e 30 0d 0a   POST  HTTP/1.0..
0010  48 6f 73 74 3a 20 72 33 2e 6f 2e 6c 65 6e 63 72   Host: r3.o.lencr
0020  2e 6f 72 67 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79   .org..Content-Ty
0030  70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f   pe: application/
0040  6f 63 73 70 2d 72 65 71 75 65 73 74 0d 0a 41 63   ocsp-request..Ac
0050  63 65 70 74 3a 20 61 70 70 6c 69 63 61 74 69 6f   cept: applicatio
0060  6e 2f 6f 63 73 70 2d 72 65 73 70 6f 6e 73 65 0d   n/ocsp-response.
0070  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
0080  20 31 32 39 0d 0a 0d 0a 30 7f 30 7d 30 4f 30 4d    129....0.0}0O0M
0090  30 4b 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 48   0K0...+........H
00a0  da c9 a0 fb 2b d3 2d 4f f0 de 68 d2 f5 67 b7 35   ....+.-O..h..g.5
00b0  f9 b3 c4 04 14 14 2e b3 17 b7 58 56 cb ae 50 09   ..........XV..P.
00c0  40 e6 1f af 9d 8b 14 c2 c6 02 12 03 95 9f 08 3f   @..............?
00d0  0d c5 2f 53 7a 97 c6 22 41 ae a1 da ae a2 2a 30   ../Sz.."A.....*0
00e0  28 30 26 06 09 2b 06 01 05 05 07 30 01 02 04 19   (0&..+.....0....
00f0  04 17 56 04 14 ff 13 3d a3 ca 68 10 a3 4c 7f d8   ..V....=..h..L..
0100  58 cc 82 fe 3a c5 ba f4 5d                        X...:...]

mod_gnutls full packet dump:

response
No.     Time           Source                Destination           Protocol Length Info
      7 0.054201525    2a02:26f0:41::215:f0f0 2001:470:28:704::1    HTTP     498    HTTP/1.0 400 Bad Request  (text/html)

Frame 7: 498 bytes on wire (3984 bits), 498 bytes captured (3984 bits) on interface he-ipv6, id 0
    Interface id: 0 (he-ipv6)
        Interface name: he-ipv6
    Encapsulation type: Raw IP (7)
    Arrival Time: Jul 11, 2021 12:22:07.597654283 CEST
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1625998927.597654283 seconds
    [Time delta from previous captured frame: 0.000200370 seconds]
    [Time delta from previous displayed frame: 0.000200370 seconds]
    [Time since reference or first frame: 0.054201525 seconds]
    Frame Number: 7
    Frame Length: 498 bytes (3984 bits)
    Capture Length: 498 bytes (3984 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: raw:ipv6:tcp:http:data-text-lines]
    [Coloring Rule Name: HTTP]
    [Coloring Rule String: http || tcp.port == 80 || http2]
Raw packet data
Internet Protocol Version 6, Src: 2a02:26f0:41::215:f0f0, Dst: 2001:470:28:704::1
    0110 .... = Version: 6
    .... 0000 0010 .... .... .... .... .... = Traffic Class: 0x02 (DSCP: CS0, ECN: ECT(0))
        .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
        .... .... ..10 .... .... .... .... .... = Explicit Congestion Notification: ECN-Capable Transport codepoint '10' (2)
    .... .... .... 1111 1111 0010 1010 0110 = Flow Label: 0xff2a6
    Payload Length: 458
    Next Header: TCP (6)
    Hop Limit: 58
    Source Address: 2a02:26f0:41::215:f0f0
    Destination Address: 2001:470:28:704::1
Transmission Control Protocol, Src Port: 80, Dst Port: 58212, Seq: 1, Ack: 137, Len: 426
    Source Port: 80
    Destination Port: 58212
    [Stream index: 0]
    [TCP Segment Len: 426]
    Sequence Number: 1    (relative sequence number)
    Sequence Number (raw): 218011408
    [Next Sequence Number: 427    (relative sequence number)]
    Acknowledgment Number: 137    (relative ack number)
    Acknowledgment number (raw): 4099363138
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 232
    [Calculated window size: 29696]
    [Window size scaling factor: 128]
    Checksum: 0x474d [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - Timestamps: TSval 4128685163, TSecr 1898259997
            Kind: Time Stamp Option (8)
            Length: 10
            Timestamp value: 4128685163
            Timestamp echo reply: 1898259997
    [SEQ/ACK analysis]
        [iRTT: 0.027036546 seconds]
        [Bytes in flight: 426]
        [Bytes sent since last PSH flag: 426]
    [Timestamps]
        [Time since first frame in this TCP stream: 0.054201525 seconds]
        [Time since previous frame in this TCP stream: 0.000200370 seconds]
    TCP payload (426 bytes)
Hypertext Transfer Protocol
    HTTP/1.0 400 Bad Request\r\n
        [Expert Info (Chat/Sequence): HTTP/1.0 400 Bad Request\r\n]
            [HTTP/1.0 400 Bad Request\r\n]
            [Severity level: Chat]
            [Group: Sequence]
        Response Version: HTTP/1.0
        Status Code: 400
        [Status Code Description: Bad Request]
        Response Phrase: Bad Request
    Server: AkamaiGHost\r\n
    Mime-Version: 1.0\r\n
    Content-Type: text/html\r\n
    Content-Length: 216\r\n
        [Content length: 216]
    Expires: Sun, 11 Jul 2021 10:22:07 GMT\r\n
    Date: Sun, 11 Jul 2021 10:22:07 GMT\r\n
    Connection: close\r\n
    \r\n
    [HTTP response 1/1]
    [Time since request: 0.000200370 seconds]
    [Request in frame: 6]
    [Request URI: http://r3.o.lencr.org]
    File Data: 216 bytes
Line-based text data: text/html (8 lines)
    <HTML><HEAD>\n
    <TITLE>Bad Request</TITLE>\n
    </HEAD><BODY>\n
    <H1>Bad Request</H1>\n
    Your browser sent a request that this server could not understand.<P>\n
    Reference&#32;&#35;7&#46;ecf01502&#46;1625998927&#46;0\n
    </BODY>\n
    </HTML>\n

0000  60 2f f2 a6 01 ca 06 3a 2a 02 26 f0 00 41 00 00   `/.....:*.&..A..
0010  00 00 00 00 02 15 f0 f0 20 01 04 70 00 28 07 04   ........ ..p.(..
0020  00 00 00 00 00 00 00 01 00 50 e3 64 0c fe 97 10   .........P.d....
0030  f4 57 51 42 80 18 00 e8 47 4d 00 00 01 01 08 0a   .WQB....GM......
0040  f6 16 bc 6b 71 25 26 1d 48 54 54 50 2f 31 2e 30   ...kq%&.HTTP/1.0
0050  20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74    400 Bad Request
0060  0d 0a 53 65 72 76 65 72 3a 20 41 6b 61 6d 61 69   ..Server: Akamai
0070  47 48 6f 73 74 0d 0a 4d 69 6d 65 2d 56 65 72 73   GHost..Mime-Vers
0080  69 6f 6e 3a 20 31 2e 30 0d 0a 43 6f 6e 74 65 6e   ion: 1.0..Conten
0090  74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d   t-Type: text/htm
00a0  6c 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74   l..Content-Lengt
00b0  68 3a 20 32 31 36 0d 0a 45 78 70 69 72 65 73 3a   h: 216..Expires:
00c0  20 53 75 6e 2c 20 31 31 20 4a 75 6c 20 32 30 32    Sun, 11 Jul 202
00d0  31 20 31 30 3a 32 32 3a 30 37 20 47 4d 54 0d 0a   1 10:22:07 GMT..
00e0  44 61 74 65 3a 20 53 75 6e 2c 20 31 31 20 4a 75   Date: Sun, 11 Ju
00f0  6c 20 32 30 32 31 20 31 30 3a 32 32 3a 30 37 20   l 2021 10:22:07 
0100  47 4d 54 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a   GMT..Connection:
0110  20 63 6c 6f 73 65 0d 0a 0d 0a 3c 48 54 4d 4c 3e    close....<HTML>
0120  3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 42 61   <HEAD>.<TITLE>Ba
0130  64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45   d Request</TITLE
0140  3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a   >.</HEAD><BODY>.
0150  3c 48 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c   <H1>Bad Request<
0160  2f 48 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65   /H1>.Your browse
0170  72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74   r sent a request
0180  20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65    that this serve
0190  72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65   r could not unde
01a0  72 73 74 61 6e 64 2e 3c 50 3e 0a 52 65 66 65 72   rstand.<P>.Refer
01b0  65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 37 26   ence&#32;&#35;7&
01c0  23 34 36 3b 65 63 66 30 31 35 30 32 26 23 34 36   #46;ecf01502&#46
01d0  3b 31 36 32 35 39 39 38 39 32 37 26 23 34 36 3b   ;1625998927&#46;
01e0  30 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c   0.</BODY>.</HTML
01f0  3e 0a                                             >.

OpenSSL full packet dump:
openssl ocsp -sha1 -issuer chain.pem -cert cert.pem -text -url http://r3.o.lencr.org

request
No.     Time           Source                Destination           Protocol Length Info
      4 0.026503580    2001:470:28:704::1    2a02:26f0:41::215:f0f0 OCSP     296    Request

Frame 4: 296 bytes on wire (2368 bits), 296 bytes captured (2368 bits) on interface he-ipv6, id 0
    Interface id: 0 (he-ipv6)
        Interface name: he-ipv6
    Encapsulation type: Raw IP (7)
    Arrival Time: Jul 11, 2021 12:56:15.962507677 CEST
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1626000975.962507677 seconds
    [Time delta from previous captured frame: 0.000114988 seconds]
    [Time delta from previous displayed frame: 0.000114988 seconds]
    [Time since reference or first frame: 0.026503580 seconds]
    Frame Number: 4
    Frame Length: 296 bytes (2368 bits)
    Capture Length: 296 bytes (2368 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: raw:ipv6:tcp:http:ocsp:ocsp]
    [Coloring Rule Name: HTTP]
    [Coloring Rule String: http || tcp.port == 80 || http2]
Raw packet data
Internet Protocol Version 6, Src: 2001:470:28:704::1, Dst: 2a02:26f0:41::215:f0f0
    0110 .... = Version: 6
    .... 0000 0010 .... .... .... .... .... = Traffic Class: 0x02 (DSCP: CS0, ECN: ECT(0))
        .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
        .... .... ..10 .... .... .... .... .... = Explicit Congestion Notification: ECN-Capable Transport codepoint '10' (2)
    .... .... .... 1001 1001 0001 0011 1010 = Flow Label: 0x9913a
    Payload Length: 256
    Next Header: TCP (6)
    Hop Limit: 64
    Source Address: 2001:470:28:704::1
    Destination Address: 2a02:26f0:41::215:f0f0
Transmission Control Protocol, Src Port: 58230, Dst Port: 80, Seq: 1, Ack: 1, Len: 224
    Source Port: 58230
    Destination Port: 80
    [Stream index: 0]
    [TCP Segment Len: 224]
    Sequence Number: 1    (relative sequence number)
    Sequence Number (raw): 626270653
    [Next Sequence Number: 225    (relative sequence number)]
    Acknowledgment Number: 1    (relative ack number)
    Acknowledgment number (raw): 1297348941
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 511
    [Calculated window size: 65408]
    [Window size scaling factor: 128]
    Checksum: 0x70dd [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - Timestamps: TSval 1900308389, TSecr 4130733571
            Kind: Time Stamp Option (8)
            Length: 10
            Timestamp value: 1900308389
            Timestamp echo reply: 4130733571
    [SEQ/ACK analysis]
        [iRTT: 0.026388592 seconds]
        [Bytes in flight: 224]
        [Bytes sent since last PSH flag: 224]
    [Timestamps]
        [Time since first frame in this TCP stream: 0.026503580 seconds]
        [Time since previous frame in this TCP stream: 0.000114988 seconds]
    TCP payload (224 bytes)
Hypertext Transfer Protocol
    POST / HTTP/1.0\r\n
        [Expert Info (Chat/Sequence): POST / HTTP/1.0\r\n]
            [POST / HTTP/1.0\r\n]
            [Severity level: Chat]
            [Group: Sequence]
        Request Method: POST
        Request URI: /
        Request Version: HTTP/1.0
    Host: r3.o.lencr.org\r\n
    Content-Type: application/ocsp-request\r\n
    Content-Length: 122\r\n
        [Content length: 122]
    \r\n
    [Full request URI: http://r3.o.lencr.org/]
    [HTTP request 1/1]
    [Response in frame: 6]
    File Data: 122 bytes
Online Certificate Status Protocol
    tbsRequest
        requestList: 1 item
            Request
                reqCert
                    hashAlgorithm (SHA-1)
                        Algorithm Id: 1.3.14.3.2.26 (SHA-1)
                    issuerNameHash: 48dac9a0fb2bd32d4ff0de68d2f567b735f9b3c4
                    issuerKeyHash: 142eb317b75856cbae500940e61faf9d8b14c2c6
                    serialNumber: 0x04a22feac6122ced6ea93ea2f95e61e745b8
        requestExtensions: 1 item
            Extension
                Id: 1.3.6.1.5.5.7.48.1.2 (id-pkix-ocsp-nonce)
                ReOcspNonce: 9c2b853f0b01fa27fabe52443ffc09ab

0000  60 29 91 3a 01 00 06 40 20 01 04 70 00 28 07 04   `).:...@ ..p.(..
0010  00 00 00 00 00 00 00 01 2a 02 26 f0 00 41 00 00   ........*.&..A..
0020  00 00 00 00 02 15 f0 f0 e3 76 00 50 25 54 21 bd   .........v.P%T!.
0030  4d 53 f9 4d 80 18 01 ff 70 dd 00 00 01 01 08 0a   MS.M....p.......
0040  71 44 67 a5 f6 35 fe 03 50 4f 53 54 20 2f 20 48   qDg..5..POST / H
0050  54 54 50 2f 31 2e 30 0d 0a 48 6f 73 74 3a 20 72   TTP/1.0..Host: r
0060  33 2e 6f 2e 6c 65 6e 63 72 2e 6f 72 67 0d 0a 43   3.o.lencr.org..C
0070  6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70   ontent-Type: app
0080  6c 69 63 61 74 69 6f 6e 2f 6f 63 73 70 2d 72 65   lication/ocsp-re
0090  71 75 65 73 74 0d 0a 43 6f 6e 74 65 6e 74 2d 4c   quest..Content-L
00a0  65 6e 67 74 68 3a 20 31 32 32 0d 0a 0d 0a 30 78   ength: 122....0x
00b0  30 76 30 4f 30 4d 30 4b 30 09 06 05 2b 0e 03 02   0v0O0M0K0...+...
00c0  1a 05 00 04 14 48 da c9 a0 fb 2b d3 2d 4f f0 de   .....H....+.-O..
00d0  68 d2 f5 67 b7 35 f9 b3 c4 04 14 14 2e b3 17 b7   h..g.5..........
00e0  58 56 cb ae 50 09 40 e6 1f af 9d 8b 14 c2 c6 02   XV..P.@.........
00f0  12 04 a2 2f ea c6 12 2c ed 6e a9 3e a2 f9 5e 61   .../...,.n.>..^a
0100  e7 45 b8 a2 23 30 21 30 1f 06 09 2b 06 01 05 05   .E..#0!0...+....
0110  07 30 01 02 04 12 04 10 9c 2b 85 3f 0b 01 fa 27   .0.......+.?...'
0120  fa be 52 44 3f fc 09 ab                           ..RD?...

OpenSSL full packet dump:
openssl ocsp -sha1 -issuer chain.pem -cert cert.pem -text -url http://r3.o.lencr.org

response
No.     Time           Source                Destination           Protocol Length Info
      6 0.208306278    2a02:26f0:41::215:f0f0 2001:470:28:704::1    OCSP     956    Response

Frame 6: 956 bytes on wire (7648 bits), 956 bytes captured (7648 bits) on interface he-ipv6, id 0
    Interface id: 0 (he-ipv6)
        Interface name: he-ipv6
    Encapsulation type: Raw IP (7)
    Arrival Time: Jul 11, 2021 12:56:16.144310375 CEST
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1626000976.144310375 seconds
    [Time delta from previous captured frame: 0.155594257 seconds]
    [Time delta from previous displayed frame: 0.155594257 seconds]
    [Time since reference or first frame: 0.208306278 seconds]
    Frame Number: 6
    Frame Length: 956 bytes (7648 bits)
    Capture Length: 956 bytes (7648 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: raw:ipv6:tcp:http:ocsp:ocsp:x509sat:x509sat:x509sat]
    [Coloring Rule Name: HTTP]
    [Coloring Rule String: http || tcp.port == 80 || http2]
Raw packet data
Internet Protocol Version 6, Src: 2a02:26f0:41::215:f0f0, Dst: 2001:470:28:704::1
    0110 .... = Version: 6
    .... 0000 0010 .... .... .... .... .... = Traffic Class: 0x02 (DSCP: CS0, ECN: ECT(0))
        .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
        .... .... ..10 .... .... .... .... .... = Explicit Congestion Notification: ECN-Capable Transport codepoint '10' (2)
    .... .... .... 0000 0000 1011 1011 0101 = Flow Label: 0x00bb5
    Payload Length: 916
    Next Header: TCP (6)
    Hop Limit: 58
    Source Address: 2a02:26f0:41::215:f0f0
    Destination Address: 2001:470:28:704::1
Transmission Control Protocol, Src Port: 80, Dst Port: 58230, Seq: 1, Ack: 225, Len: 884
    Source Port: 80
    Destination Port: 58230
    [Stream index: 0]
    [TCP Segment Len: 884]
    Sequence Number: 1    (relative sequence number)
    Sequence Number (raw): 1297348941
    [Next Sequence Number: 885    (relative sequence number)]
    Acknowledgment Number: 225    (relative ack number)
    Acknowledgment number (raw): 626270877
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 232
    [Calculated window size: 29696]
    [Window size scaling factor: 128]
    Checksum: 0xee0c [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - Timestamps: TSval 4130733753, TSecr 1900308389
            Kind: Time Stamp Option (8)
            Length: 10
            Timestamp value: 4130733753
            Timestamp echo reply: 1900308389
    [SEQ/ACK analysis]
        [iRTT: 0.026388592 seconds]
        [Bytes in flight: 884]
        [Bytes sent since last PSH flag: 884]
    [Timestamps]
        [Time since first frame in this TCP stream: 0.208306278 seconds]
        [Time since previous frame in this TCP stream: 0.155594257 seconds]
    TCP payload (884 bytes)
Hypertext Transfer Protocol
    HTTP/1.0 200 OK\r\n
        [Expert Info (Chat/Sequence): HTTP/1.0 200 OK\r\n]
            [HTTP/1.0 200 OK\r\n]
            [Severity level: Chat]
            [Group: Sequence]
        Response Version: HTTP/1.0
        Status Code: 200
        [Status Code Description: OK]
        Response Phrase: OK
    Server: nginx\r\n
    Content-Type: application/ocsp-response\r\n
    Content-Length: 503\r\n
        [Content length: 503]
    ETag: "31E258B631DBD9B6EFD7D1150B02BADDA6ACB83D4AE0F31B4AC864B5A32E98C2"\r\n
    Last-Modified: Fri, 09 Jul 2021 02:00:00 UTC\r\n
    Cache-Control: public, no-transform, must-revalidate, max-age=43200\r\n
    Expires: Sun, 11 Jul 2021 22:56:16 GMT\r\n
    Date: Sun, 11 Jul 2021 10:56:16 GMT\r\n
    Connection: close\r\n
    \r\n
    [HTTP response 1/1]
    [Time since request: 0.181802698 seconds]
    [Request in frame: 4]
    [Request URI: http://r3.o.lencr.org/]
    File Data: 503 bytes
Online Certificate Status Protocol
    responseStatus: successful (0)
    responseBytes
        ResponseType Id: 1.3.6.1.5.5.7.48.1.1 (id-pkix-ocsp-basic)
        BasicOCSPResponse
            tbsResponseData
                responderID: byName (1)
                    byName: 0
                        rdnSequence: 3 items (id-at-commonName=R3,id-at-organizationName=Let's Encrypt,id-at-countryName=US)
                            RDNSequence item: 1 item (id-at-countryName=US)
                                RelativeDistinguishedName item (id-at-countryName=US)
                                    Id: 2.5.4.6 (id-at-countryName)
                                    CountryName: US
                            RDNSequence item: 1 item (id-at-organizationName=Let's Encrypt)
                                RelativeDistinguishedName item (id-at-organizationName=Let's Encrypt)
                                    Id: 2.5.4.10 (id-at-organizationName)
                                    DirectoryString: printableString (1)
                                        printableString: Let's Encrypt
                            RDNSequence item: 1 item (id-at-commonName=R3)
                                RelativeDistinguishedName item (id-at-commonName=R3)
                                    Id: 2.5.4.3 (id-at-commonName)
                                    DirectoryString: printableString (1)
                                        printableString: R3
                producedAt: 2021-07-09 02:10:00 (UTC)
                responses: 1 item
                    SingleResponse
                        certID
                            hashAlgorithm (SHA-1)
                                Algorithm Id: 1.3.14.3.2.26 (SHA-1)
                            issuerNameHash: 48dac9a0fb2bd32d4ff0de68d2f567b735f9b3c4
                            issuerKeyHash: 142eb317b75856cbae500940e61faf9d8b14c2c6
                            serialNumber: 0x04a22feac6122ced6ea93ea2f95e61e745b8
                        certStatus: good (0)
                            good
                        thisUpdate: 2021-07-09 02:00:00 (UTC)
                        nextUpdate: 2021-07-16 02:00:00 (UTC)
            signatureAlgorithm (sha256WithRSAEncryption)
                Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
            Padding: 0
            signature: 58dbb8b61b88102708f776b5dd4b47fc7ed48d76e44ab63bee5c3e55ae3eee7ff7e3ef0f…

0000  60 20 0b b5 03 94 06 3a 2a 02 26 f0 00 41 00 00   ` .....:*.&..A..
0010  00 00 00 00 02 15 f0 f0 20 01 04 70 00 28 07 04   ........ ..p.(..
0020  00 00 00 00 00 00 00 01 00 50 e3 76 4d 53 f9 4d   .........P.vMS.M
0030  25 54 22 9d 80 18 00 e8 ee 0c 00 00 01 01 08 0a   %T".............
0040  f6 35 fe b9 71 44 67 a5 48 54 54 50 2f 31 2e 30   .5..qDg.HTTP/1.0
0050  20 32 30 30 20 4f 4b 0d 0a 53 65 72 76 65 72 3a    200 OK..Server:
0060  20 6e 67 69 6e 78 0d 0a 43 6f 6e 74 65 6e 74 2d    nginx..Content-
0070  54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f   Type: applicatio
0080  6e 2f 6f 63 73 70 2d 72 65 73 70 6f 6e 73 65 0d   n/ocsp-response.
0090  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
00a0  20 35 30 33 0d 0a 45 54 61 67 3a 20 22 33 31 45    503..ETag: "31E
00b0  32 35 38 42 36 33 31 44 42 44 39 42 36 45 46 44   258B631DBD9B6EFD
00c0  37 44 31 31 35 30 42 30 32 42 41 44 44 41 36 41   7D1150B02BADDA6A
00d0  43 42 38 33 44 34 41 45 30 46 33 31 42 34 41 43   CB83D4AE0F31B4AC
00e0  38 36 34 42 35 41 33 32 45 39 38 43 32 22 0d 0a   864B5A32E98C2"..
00f0  4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 46   Last-Modified: F
0100  72 69 2c 20 30 39 20 4a 75 6c 20 32 30 32 31 20   ri, 09 Jul 2021 
0110  30 32 3a 30 30 3a 30 30 20 55 54 43 0d 0a 43 61   02:00:00 UTC..Ca
0120  63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 70 75 62   che-Control: pub
0130  6c 69 63 2c 20 6e 6f 2d 74 72 61 6e 73 66 6f 72   lic, no-transfor
0140  6d 2c 20 6d 75 73 74 2d 72 65 76 61 6c 69 64 61   m, must-revalida
0150  74 65 2c 20 6d 61 78 2d 61 67 65 3d 34 33 32 30   te, max-age=4320
0160  30 0d 0a 45 78 70 69 72 65 73 3a 20 53 75 6e 2c   0..Expires: Sun,
0170  20 31 31 20 4a 75 6c 20 32 30 32 31 20 32 32 3a    11 Jul 2021 22:
0180  35 36 3a 31 36 20 47 4d 54 0d 0a 44 61 74 65 3a   56:16 GMT..Date:
0190  20 53 75 6e 2c 20 31 31 20 4a 75 6c 20 32 30 32    Sun, 11 Jul 202
01a0  31 20 31 30 3a 35 36 3a 31 36 20 47 4d 54 0d 0a   1 10:56:16 GMT..
01b0  43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73   Connection: clos
01c0  65 0d 0a 0d 0a 30 82 01 f3 0a 01 00 a0 82 01 ec   e....0..........
01d0  30 82 01 e8 06 09 2b 06 01 05 05 07 30 01 01 04   0.....+.....0...
01e0  82 01 d9 30 82 01 d5 30 81 be a1 34 30 32 31 0b   ...0...0...4021.
01f0  30 09 06 03 55 04 06 13 02 55 53 31 16 30 14 06   0...U....US1.0..
0200  03 55 04 0a 13 0d 4c 65 74 27 73 20 45 6e 63 72   .U....Let's Encr
0210  79 70 74 31 0b 30 09 06 03 55 04 03 13 02 52 33   ypt1.0...U....R3
0220  18 0f 32 30 32 31 30 37 30 39 30 32 31 30 30 30   ..20210709021000
0230  5a 30 75 30 73 30 4b 30 09 06 05 2b 0e 03 02 1a   Z0u0s0K0...+....
0240  05 00 04 14 48 da c9 a0 fb 2b d3 2d 4f f0 de 68   ....H....+.-O..h
0250  d2 f5 67 b7 35 f9 b3 c4 04 14 14 2e b3 17 b7 58   ..g.5..........X
0260  56 cb ae 50 09 40 e6 1f af 9d 8b 14 c2 c6 02 12   V..P.@..........
0270  04 a2 2f ea c6 12 2c ed 6e a9 3e a2 f9 5e 61 e7   ../...,.n.>..^a.
0280  45 b8 80 00 18 0f 32 30 32 31 30 37 30 39 30 32   E.....2021070902
0290  30 30 30 30 5a a0 11 18 0f 32 30 32 31 30 37 31   0000Z....2021071
02a0  36 30 32 30 30 30 30 5a 30 0d 06 09 2a 86 48 86   6020000Z0...*.H.
02b0  f7 0d 01 01 0b 05 00 03 82 01 01 00 58 db b8 b6   ............X...
02c0  1b 88 10 27 08 f7 76 b5 dd 4b 47 fc 7e d4 8d 76   ...'..v..KG.~..v
02d0  e4 4a b6 3b ee 5c 3e 55 ae 3e ee 7f f7 e3 ef 0f   .J.;.\>U.>......
02e0  d8 df df b7 45 81 66 b2 e5 43 82 6d c0 96 e8 f0   ....E.f..C.m....
02f0  c9 c3 c6 d0 e9 d9 68 da a1 50 0e 65 1f f8 38 71   ......h..P.e..8q
0300  46 b2 e4 7c 0c 48 0f 89 a0 c6 ed bd 33 69 60 0f   F..|.H......3i`.
0310  76 ba e4 b0 20 34 f9 42 57 5d 14 b8 8f 95 5f 15   v... 4.BW]...._.
0320  39 d5 4e a0 37 e0 b6 f1 15 94 c7 4e ec ec 38 2d   9.N.7......N..8-
0330  02 7f 0d de ca ee 94 d6 4c 32 a5 c7 64 cc a2 3f   ........L2..d..?
0340  0d fc 10 93 f7 1c 32 80 4a f9 4d 7b f7 bf eb fd   ......2.J.M{....
0350  a3 88 99 e5 4b 10 08 05 f5 c9 f3 af ab 7f ed ab   ....K...........
0360  99 fd 89 86 11 fa 33 ac 30 cf 70 09 76 cb 87 02   ......3.0.p.v...
0370  8f 83 f2 cf 34 90 87 23 0e c3 42 6f 96 28 7a 35   ....4..#..Bo.(z5
0380  24 2d 82 af 2f e9 2f 9c 8b b0 5a 8e 15 e4 aa f6   $-.././...Z.....
0390  e4 ec 2d a0 12 49 21 21 66 6d 05 df 67 2c e9 12   ..-..I!!fm..g,..
03a0  a3 e5 5d 12 ee 06 0e 23 09 34 a6 5c 27 f5 99 04   ..]....#.4.\'...
03b0  84 26 a9 fb fa f5 cc 96 2d b5 5a 12               .&......-.Z.

@airtower-luna
Owner Author

Thank you, that's an important clue! Could you test the additional patch in b8e9e11, please?

@Forza-tng

Forza-tng commented Jul 11, 2021

Thank you, that's an important clue! Could you test the additional patch in b8e9e11, please?

This works. I am now getting a correct response. :)

wireshark-packet-dump

request
No.     Time           Source                Destination           Protocol Length Info
     35 35.789488372   2001:470:28:704::1    2a02:26f0:6c00::210:ba60 OCSP     201    Request

Frame 35: 201 bytes on wire (1608 bits), 201 bytes captured (1608 bits) on interface he-ipv6, id 0
    Interface id: 0 (he-ipv6)
        Interface name: he-ipv6
    Encapsulation type: Raw IP (7)
    Arrival Time: Jul 11, 2021 13:54:02.617848146 CEST
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1626004442.617848146 seconds
    [Time delta from previous captured frame: 0.000042230 seconds]
    [Time delta from previous displayed frame: 0.000042230 seconds]
    [Time since reference or first frame: 35.789488372 seconds]
    Frame Number: 35
    Frame Length: 201 bytes (1608 bits)
    Capture Length: 201 bytes (1608 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: raw:ipv6:tcp:http:ocsp:ocsp]
    [Coloring Rule Name: HTTP]
    [Coloring Rule String: http || tcp.port == 80 || http2]
Raw packet data
Internet Protocol Version 6, Src: 2001:470:28:704::1, Dst: 2a02:26f0:6c00::210:ba60
    0110 .... = Version: 6
    .... 0000 0010 .... .... .... .... .... = Traffic Class: 0x02 (DSCP: CS0, ECN: ECT(0))
        .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
        .... .... ..10 .... .... .... .... .... = Explicit Congestion Notification: ECN-Capable Transport codepoint '10' (2)
    .... .... .... 1010 1101 1110 1001 1100 = Flow Label: 0xade9c
    Payload Length: 161
    Next Header: TCP (6)
    Hop Limit: 64
    Source Address: 2001:470:28:704::1
    Destination Address: 2a02:26f0:6c00::210:ba60
Transmission Control Protocol, Src Port: 58236, Dst Port: 80, Seq: 138, Ack: 1, Len: 129
    Source Port: 58236
    Destination Port: 80
    [Stream index: 3]
    [TCP Segment Len: 129]
    Sequence Number: 138    (relative sequence number)
    Sequence Number (raw): 2889577374
    [Next Sequence Number: 267    (relative sequence number)]
    Acknowledgment Number: 1    (relative ack number)
    Acknowledgment number (raw): 1600940355
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 511
    [Calculated window size: 65408]
    [Window size scaling factor: 128]
    Checksum: 0xa5a8 [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - Timestamps: TSval 3539871605, TSecr 313067653
            Kind: Time Stamp Option (8)
            Length: 10
            Timestamp value: 3539871605
            Timestamp echo reply: 313067653
    [SEQ/ACK analysis]
        [iRTT: 0.025993840 seconds]
        [Bytes in flight: 129]
        [Bytes sent since last PSH flag: 129]
    [Timestamps]
        [Time since first frame in this TCP stream: 0.051935261 seconds]
        [Time since previous frame in this TCP stream: 0.000042230 seconds]
    TCP payload (129 bytes)
    TCP segment data (129 bytes)
[2 Reassembled TCP Segments (266 bytes): #33(137), #35(129)]
    [Frame: 33, payload: 0-136 (137 bytes)]
    [Frame: 35, payload: 137-265 (129 bytes)]
    [Segment count: 2]
    [Reassembled TCP length: 266]
    [Reassembled TCP Data: 504f5354202f20485454502f312e300d0a486f73743a2072332e6f2e6c656e63722e6f72…]
Hypertext Transfer Protocol
    POST / HTTP/1.0\r\n
        [Expert Info (Chat/Sequence): POST / HTTP/1.0\r\n]
            [POST / HTTP/1.0\r\n]
            [Severity level: Chat]
            [Group: Sequence]
        Request Method: POST
        Request URI: /
        Request Version: HTTP/1.0
    Host: r3.o.lencr.org\r\n
    Content-Type: application/ocsp-request\r\n
    Accept: application/ocsp-response\r\n
    Content-Length: 129\r\n
        [Content length: 129]
    \r\n
    [Full request URI: http://r3.o.lencr.org/]
    [HTTP request 1/1]
    [Response in frame: 37]
    File Data: 129 bytes
Online Certificate Status Protocol
    tbsRequest
        requestList: 1 item
            Request
                reqCert
                    hashAlgorithm (SHA-1)
                        Algorithm Id: 1.3.14.3.2.26 (SHA-1)
                    issuerNameHash: 48dac9a0fb2bd32d4ff0de68d2f567b735f9b3c4
                    issuerKeyHash: 142eb317b75856cbae500940e61faf9d8b14c2c6
                    serialNumber: 0x04a22feac6122ced6ea93ea2f95e61e745b8
        requestExtensions: 1 item
            Extension
                Id: 1.3.6.1.5.5.7.48.1.2 (id-pkix-ocsp-nonce)
                ReOcspNonce: be38747b3d6716556f6663e2c39067363c01f0d4769eaa

Frame (201 bytes):
0000  60 2a de 9c 00 a1 06 40 20 01 04 70 00 28 07 04   `*.....@ ..p.(..
0010  00 00 00 00 00 00 00 01 2a 02 26 f0 6c 00 00 00   ........*.&.l...
0020  00 00 00 00 02 10 ba 60 e3 7c 00 50 ac 3b 73 9e   .......`.|.P.;s.
0030  5f 6c 69 43 80 18 01 ff a5 a8 00 00 01 01 08 0a   _liC............
0040  d2 fe 27 75 12 a9 08 85 30 7f 30 7d 30 4f 30 4d   ..'u....0.0}0O0M
0050  30 4b 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 48   0K0...+........H
0060  da c9 a0 fb 2b d3 2d 4f f0 de 68 d2 f5 67 b7 35   ....+.-O..h..g.5
0070  f9 b3 c4 04 14 14 2e b3 17 b7 58 56 cb ae 50 09   ..........XV..P.
0080  40 e6 1f af 9d 8b 14 c2 c6 02 12 04 a2 2f ea c6   @............/..
0090  12 2c ed 6e a9 3e a2 f9 5e 61 e7 45 b8 a2 2a 30   .,.n.>..^a.E..*0
00a0  28 30 26 06 09 2b 06 01 05 05 07 30 01 02 04 19   (0&..+.....0....
00b0  04 17 be 38 74 7b 3d 67 16 55 6f 66 63 e2 c3 90   ...8t{=g.Uofc...
00c0  67 36 3c 01 f0 d4 76 9e aa                        g6<...v..
Reassembled TCP (266 bytes):
0000  50 4f 53 54 20 2f 20 48 54 54 50 2f 31 2e 30 0d   POST / HTTP/1.0.
0010  0a 48 6f 73 74 3a 20 72 33 2e 6f 2e 6c 65 6e 63   .Host: r3.o.lenc
0020  72 2e 6f 72 67 0d 0a 43 6f 6e 74 65 6e 74 2d 54   r.org..Content-T
0030  79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e   ype: application
0040  2f 6f 63 73 70 2d 72 65 71 75 65 73 74 0d 0a 41   /ocsp-request..A
0050  63 63 65 70 74 3a 20 61 70 70 6c 69 63 61 74 69   ccept: applicati
0060  6f 6e 2f 6f 63 73 70 2d 72 65 73 70 6f 6e 73 65   on/ocsp-response
0070  0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68   ..Content-Length
0080  3a 20 31 32 39 0d 0a 0d 0a 30 7f 30 7d 30 4f 30   : 129....0.0}0O0
0090  4d 30 4b 30 09 06 05 2b 0e 03 02 1a 05 00 04 14   M0K0...+........
00a0  48 da c9 a0 fb 2b d3 2d 4f f0 de 68 d2 f5 67 b7   H....+.-O..h..g.
00b0  35 f9 b3 c4 04 14 14 2e b3 17 b7 58 56 cb ae 50   5..........XV..P
00c0  09 40 e6 1f af 9d 8b 14 c2 c6 02 12 04 a2 2f ea   .@............/.
00d0  c6 12 2c ed 6e a9 3e a2 f9 5e 61 e7 45 b8 a2 2a   ..,.n.>..^a.E..*
00e0  30 28 30 26 06 09 2b 06 01 05 05 07 30 01 02 04   0(0&..+.....0...
00f0  19 04 17 be 38 74 7b 3d 67 16 55 6f 66 63 e2 c3   ....8t{=g.Uofc..
0100  90 67 36 3c 01 f0 d4 76 9e aa                     .g6<...v..
response
No.     Time           Source                Destination           Protocol Length Info
     37 36.009435010   2a02:26f0:6c00::210:ba60 2001:470:28:704::1    OCSP     956    Response

Frame 37: 956 bytes on wire (7648 bits), 956 bytes captured (7648 bits) on interface he-ipv6, id 0
    Interface id: 0 (he-ipv6)
        Interface name: he-ipv6
    Encapsulation type: Raw IP (7)
    Arrival Time: Jul 11, 2021 13:54:02.837794784 CEST
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1626004442.837794784 seconds
    [Time delta from previous captured frame: 0.194033441 seconds]
    [Time delta from previous displayed frame: 0.194033441 seconds]
    [Time since reference or first frame: 36.009435010 seconds]
    Frame Number: 37
    Frame Length: 956 bytes (7648 bits)
    Capture Length: 956 bytes (7648 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: raw:ipv6:tcp:http:ocsp:ocsp:x509sat:x509sat:x509sat]
    [Coloring Rule Name: HTTP]
    [Coloring Rule String: http || tcp.port == 80 || http2]
Raw packet data
Internet Protocol Version 6, Src: 2a02:26f0:6c00::210:ba60, Dst: 2001:470:28:704::1
    0110 .... = Version: 6
    .... 0000 0010 .... .... .... .... .... = Traffic Class: 0x02 (DSCP: CS0, ECN: ECT(0))
        .... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
        .... .... ..10 .... .... .... .... .... = Explicit Congestion Notification: ECN-Capable Transport codepoint '10' (2)
    .... .... .... 0100 1111 0011 1110 1011 = Flow Label: 0x4f3eb
    Payload Length: 916
    Next Header: TCP (6)
    Hop Limit: 57
    Source Address: 2a02:26f0:6c00::210:ba60
    Destination Address: 2001:470:28:704::1
Transmission Control Protocol, Src Port: 80, Dst Port: 58236, Seq: 1, Ack: 267, Len: 884
    Source Port: 80
    Destination Port: 58236
    [Stream index: 3]
    [TCP Segment Len: 884]
    Sequence Number: 1    (relative sequence number)
    Sequence Number (raw): 1600940355
    [Next Sequence Number: 885    (relative sequence number)]
    Acknowledgment Number: 267    (relative ack number)
    Acknowledgment number (raw): 2889577503
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 240
    [Calculated window size: 30720]
    [Window size scaling factor: 128]
    Checksum: 0x1bbe [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - Timestamps: TSval 313067873, TSecr 3539871605
            Kind: Time Stamp Option (8)
            Length: 10
            Timestamp value: 313067873
            Timestamp echo reply: 3539871605
    [SEQ/ACK analysis]
        [iRTT: 0.025993840 seconds]
        [Bytes in flight: 884]
        [Bytes sent since last PSH flag: 884]
    [Timestamps]
        [Time since first frame in this TCP stream: 0.271881899 seconds]
        [Time since previous frame in this TCP stream: 0.194033441 seconds]
    TCP payload (884 bytes)
Hypertext Transfer Protocol
    HTTP/1.0 200 OK\r\n
        [Expert Info (Chat/Sequence): HTTP/1.0 200 OK\r\n]
            [HTTP/1.0 200 OK\r\n]
            [Severity level: Chat]
            [Group: Sequence]
        Response Version: HTTP/1.0
        Status Code: 200
        [Status Code Description: OK]
        Response Phrase: OK
    Server: nginx\r\n
    Content-Type: application/ocsp-response\r\n
    Content-Length: 503\r\n
        [Content length: 503]
    ETag: "31E258B631DBD9B6EFD7D1150B02BADDA6ACB83D4AE0F31B4AC864B5A32E98C2"\r\n
    Last-Modified: Fri, 09 Jul 2021 02:00:00 UTC\r\n
    Cache-Control: public, no-transform, must-revalidate, max-age=43200\r\n
    Expires: Sun, 11 Jul 2021 23:54:02 GMT\r\n
    Date: Sun, 11 Jul 2021 11:54:02 GMT\r\n
    Connection: close\r\n
    \r\n
    [HTTP response 1/1]
    [Time since request: 0.219946638 seconds]
    [Request in frame: 35]
    [Request URI: http://r3.o.lencr.org/]
    File Data: 503 bytes
Online Certificate Status Protocol
    responseStatus: successful (0)
    responseBytes
        ResponseType Id: 1.3.6.1.5.5.7.48.1.1 (id-pkix-ocsp-basic)
        BasicOCSPResponse
            tbsResponseData
                responderID: byName (1)
                    byName: 0
                        rdnSequence: 3 items (id-at-commonName=R3,id-at-organizationName=Let's Encrypt,id-at-countryName=US)
                            RDNSequence item: 1 item (id-at-countryName=US)
                                RelativeDistinguishedName item (id-at-countryName=US)
                                    Id: 2.5.4.6 (id-at-countryName)
                                    CountryName: US
                            RDNSequence item: 1 item (id-at-organizationName=Let's Encrypt)
                                RelativeDistinguishedName item (id-at-organizationName=Let's Encrypt)
                                    Id: 2.5.4.10 (id-at-organizationName)
                                    DirectoryString: printableString (1)
                                        printableString: Let's Encrypt
                            RDNSequence item: 1 item (id-at-commonName=R3)
                                RelativeDistinguishedName item (id-at-commonName=R3)
                                    Id: 2.5.4.3 (id-at-commonName)
                                    DirectoryString: printableString (1)
                                        printableString: R3
                producedAt: 2021-07-09 02:10:00 (UTC)
                responses: 1 item
                    SingleResponse
                        certID
                            hashAlgorithm (SHA-1)
                                Algorithm Id: 1.3.14.3.2.26 (SHA-1)
                            issuerNameHash: 48dac9a0fb2bd32d4ff0de68d2f567b735f9b3c4
                            issuerKeyHash: 142eb317b75856cbae500940e61faf9d8b14c2c6
                            serialNumber: 0x04a22feac6122ced6ea93ea2f95e61e745b8
                        certStatus: good (0)
                            good
                        thisUpdate: 2021-07-09 02:00:00 (UTC)
                        nextUpdate: 2021-07-16 02:00:00 (UTC)
            signatureAlgorithm (sha256WithRSAEncryption)
                Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
            Padding: 0
            signature: 58dbb8b61b88102708f776b5dd4b47fc7ed48d76e44ab63bee5c3e55ae3eee7ff7e3ef0f…

0000  60 24 f3 eb 03 94 06 39 2a 02 26 f0 6c 00 00 00   `$.....9*.&.l...
0010  00 00 00 00 02 10 ba 60 20 01 04 70 00 28 07 04   .......` ..p.(..
0020  00 00 00 00 00 00 00 01 00 50 e3 7c 5f 6c 69 43   .........P.|_liC
0030  ac 3b 74 1f 80 18 00 f0 1b be 00 00 01 01 08 0a   .;t.............
0040  12 a9 09 61 d2 fe 27 75 48 54 54 50 2f 31 2e 30   ...a..'uHTTP/1.0
0050  20 32 30 30 20 4f 4b 0d 0a 53 65 72 76 65 72 3a    200 OK..Server:
0060  20 6e 67 69 6e 78 0d 0a 43 6f 6e 74 65 6e 74 2d    nginx..Content-
0070  54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f   Type: applicatio
0080  6e 2f 6f 63 73 70 2d 72 65 73 70 6f 6e 73 65 0d   n/ocsp-response.
0090  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
00a0  20 35 30 33 0d 0a 45 54 61 67 3a 20 22 33 31 45    503..ETag: "31E
00b0  32 35 38 42 36 33 31 44 42 44 39 42 36 45 46 44   258B631DBD9B6EFD
00c0  37 44 31 31 35 30 42 30 32 42 41 44 44 41 36 41   7D1150B02BADDA6A
00d0  43 42 38 33 44 34 41 45 30 46 33 31 42 34 41 43   CB83D4AE0F31B4AC
00e0  38 36 34 42 35 41 33 32 45 39 38 43 32 22 0d 0a   864B5A32E98C2"..
00f0  4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 46   Last-Modified: F
0100  72 69 2c 20 30 39 20 4a 75 6c 20 32 30 32 31 20   ri, 09 Jul 2021 
0110  30 32 3a 30 30 3a 30 30 20 55 54 43 0d 0a 43 61   02:00:00 UTC..Ca
0120  63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 70 75 62   che-Control: pub
0130  6c 69 63 2c 20 6e 6f 2d 74 72 61 6e 73 66 6f 72   lic, no-transfor
0140  6d 2c 20 6d 75 73 74 2d 72 65 76 61 6c 69 64 61   m, must-revalida
0150  74 65 2c 20 6d 61 78 2d 61 67 65 3d 34 33 32 30   te, max-age=4320
0160  30 0d 0a 45 78 70 69 72 65 73 3a 20 53 75 6e 2c   0..Expires: Sun,
0170  20 31 31 20 4a 75 6c 20 32 30 32 31 20 32 33 3a    11 Jul 2021 23:
0180  35 34 3a 30 32 20 47 4d 54 0d 0a 44 61 74 65 3a   54:02 GMT..Date:
0190  20 53 75 6e 2c 20 31 31 20 4a 75 6c 20 32 30 32    Sun, 11 Jul 202
01a0  31 20 31 31 3a 35 34 3a 30 32 20 47 4d 54 0d 0a   1 11:54:02 GMT..
01b0  43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73   Connection: clos
01c0  65 0d 0a 0d 0a 30 82 01 f3 0a 01 00 a0 82 01 ec   e....0..........
01d0  30 82 01 e8 06 09 2b 06 01 05 05 07 30 01 01 04   0.....+.....0...
01e0  82 01 d9 30 82 01 d5 30 81 be a1 34 30 32 31 0b   ...0...0...4021.
01f0  30 09 06 03 55 04 06 13 02 55 53 31 16 30 14 06   0...U....US1.0..
0200  03 55 04 0a 13 0d 4c 65 74 27 73 20 45 6e 63 72   .U....Let's Encr
0210  79 70 74 31 0b 30 09 06 03 55 04 03 13 02 52 33   ypt1.0...U....R3
0220  18 0f 32 30 32 31 30 37 30 39 30 32 31 30 30 30   ..20210709021000
0230  5a 30 75 30 73 30 4b 30 09 06 05 2b 0e 03 02 1a   Z0u0s0K0...+....
0240  05 00 04 14 48 da c9 a0 fb 2b d3 2d 4f f0 de 68   ....H....+.-O..h
0250  d2 f5 67 b7 35 f9 b3 c4 04 14 14 2e b3 17 b7 58   ..g.5..........X
0260  56 cb ae 50 09 40 e6 1f af 9d 8b 14 c2 c6 02 12   V..P.@..........
0270  04 a2 2f ea c6 12 2c ed 6e a9 3e a2 f9 5e 61 e7   ../...,.n.>..^a.
0280  45 b8 80 00 18 0f 32 30 32 31 30 37 30 39 30 32   E.....2021070902
0290  30 30 30 30 5a a0 11 18 0f 32 30 32 31 30 37 31   0000Z....2021071
02a0  36 30 32 30 30 30 30 5a 30 0d 06 09 2a 86 48 86   6020000Z0...*.H.
02b0  f7 0d 01 01 0b 05 00 03 82 01 01 00 58 db b8 b6   ............X...
02c0  1b 88 10 27 08 f7 76 b5 dd 4b 47 fc 7e d4 8d 76   ...'..v..KG.~..v
02d0  e4 4a b6 3b ee 5c 3e 55 ae 3e ee 7f f7 e3 ef 0f   .J.;.\>U.>......
02e0  d8 df df b7 45 81 66 b2 e5 43 82 6d c0 96 e8 f0   ....E.f..C.m....
02f0  c9 c3 c6 d0 e9 d9 68 da a1 50 0e 65 1f f8 38 71   ......h..P.e..8q
0300  46 b2 e4 7c 0c 48 0f 89 a0 c6 ed bd 33 69 60 0f   F..|.H......3i`.
0310  76 ba e4 b0 20 34 f9 42 57 5d 14 b8 8f 95 5f 15   v... 4.BW]...._.
0320  39 d5 4e a0 37 e0 b6 f1 15 94 c7 4e ec ec 38 2d   9.N.7......N..8-
0330  02 7f 0d de ca ee 94 d6 4c 32 a5 c7 64 cc a2 3f   ........L2..d..?
0340  0d fc 10 93 f7 1c 32 80 4a f9 4d 7b f7 bf eb fd   ......2.J.M{....
0350  a3 88 99 e5 4b 10 08 05 f5 c9 f3 af ab 7f ed ab   ....K...........
0360  99 fd 89 86 11 fa 33 ac 30 cf 70 09 76 cb 87 02   ......3.0.p.v...
0370  8f 83 f2 cf 34 90 87 23 0e c3 42 6f 96 28 7a 35   ....4..#..Bo.(z5
0380  24 2d 82 af 2f e9 2f 9c 8b b0 5a 8e 15 e4 aa f6   $-.././...Z.....
0390  e4 ec 2d a0 12 49 21 21 66 6d 05 df 67 2c e9 12   ..-..I!!fm..g,..
03a0  a3 e5 5d 12 ee 06 0e 23 09 34 a6 5c 27 f5 99 04   ..]....#.4.\'...
03b0  84 26 a9 fb fa f5 cc 96 2d b5 5a 12               .&......-.Z.

However, I am still getting errors in my Apache logs. Perhaps related to other issues?

ssl_error_log

[Sun Jul 11 13:54:01.127736 2021] [gnutls:error] [pid 18008:tid 139901009913408] (20014)Internal error (specific information not available): [client 172.68.144.162:47282] Caching a fresh OCSP response failed
[Sun Jul 11 13:54:01.999909 2021] [gnutls:error] [pid 18008:tid 139901018306112] (20014)Internal error (specific information not available): [client 192.168.0.10:57095] Caching a fresh OCSP response failed
[Sun Jul 11 13:54:02.838320 2021] [gnutls:error] [pid 18039:tid 139901018306112] (20014)Internal error (specific information not available): [client 192.168.0.10:61654] Caching a fresh OCSP response failed

tnonline.net-error_log

[Sun Jul 11 13:53:51.637654 2021] [gnutls:warn] [pid 18003:tid 139901404104576] Could not create OCSP stapling configuration for certificate 1 in chain (CN=R3,O=Let's Encrypt,C=US): No OCSP URI in the certificate nor a GnuTLSOCSPResponseFile setting, cannot configure OCSP stapling.
[Sun Jul 11 13:53:51.679837 2021] [gnutls:warn] [pid 18004:tid 139901404104576] Could not create OCSP stapling configuration for certificate 1 in chain (CN=R3,O=Let's Encrypt,C=US): No OCSP URI in the certificate nor a GnuTLSOCSPResponseFile setting, cannot configure OCSP stapling.

I've tried the following three GnuTLSCache settings:

GnuTLSCache dbm "/var/run/apache2/gnutls_cache"
#GnuTLSCache shmcb:/var/run/apache2/ssl_scache(512000)
#GnuTLSCache none
# ll /var/run/apache2/gnutls_cache.*
-rw-r--r-- 1 apache root    0 Jul 11 13:53 /var/run/apache2/gnutls_cache.dir
-rw-r--r-- 1 apache root 1024 Jul 11 13:54 /var/run/apache2/gnutls_cache.pag

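To make the captured exchange above concrete, here is an added example (written for this page, not code from mod_gnutls or GnuTLS) that walks the 129-byte OCSP request body from the "Reassembled TCP" dump of frame 35, pulls out the CertID and the nonce, and checks the CertID the way a reviewer of this capture would: the hashAlgorithm must be SHA-1, issuerNameHash must equal SHA-1 over the DER issuer name (taken here from the responderID bytes in the response dump, which are byte-identical to the issuer field of the leaf certificate), and issuerKeyHash is compared with the keyIdentifier decoded from the leaf's authorityKeyIdentifier extension in the PEM above. Let's Encrypt sets that keyIdentifier to the SHA-1 of the issuer's public key, which is a convention rather than a rule, so the last comparison is a sanity check, not a proof. The same block also builds the HTTP/1.0 request head exactly as the capture shows it ("POST / HTTP/1.0"), defaulting an empty URI path to "/". The DER walker is hand-written for this example and handles only what an OCSP request of this shape needs; the byte strings are constructed from the dumps on this page.

```python
import hashlib
from urllib.parse import urlsplit

OID_SHA1 = "1.3.14.3.2.26"                # hashAlgorithm seen in the capture above
OID_OCSP_NONCE = "1.3.6.1.5.5.7.48.1.2"   # id-pkix-ocsp-nonce

# Constructed from the capture above: the 129-byte body after the blank
# header line in the "Reassembled TCP (266 bytes)" dump of frame 35.
OCSP_REQUEST = bytes.fromhex(
    "307f307d304f304d304b300906052b0e03021a0500"
    "041448dac9a0fb2bd32d4ff0de68d2f567b735f9b3c4"
    "0414142eb317b75856cbae500940e61faf9d8b14c2c6"
    "021204a22feac6122ced6ea93ea2f95e61e745b8"
    "a22a3028302606092b0601050507300102"
    "04190417be38747b3d6716556f6663e2c39067363c01f0d4769eaa"
)
# DER of "C=US, O=Let's Encrypt, CN=R3": the responderID bytes from the
# response dump, byte-identical to the issuer field of the leaf certificate.
ISSUER_DN_DER = bytes.fromhex(
    "3032310b3009060355040613025553"
    "31163014060355040a130d4c6574277320456e6372797074"
    "310b3009060355040313025233"
)
# keyIdentifier decoded from the leaf's authorityKeyIdentifier extension in
# the PEM above; Let's Encrypt sets it to SHA-1 of the issuer's public key.
ISSUER_KEY_ID = bytes.fromhex("142eb317b75856cbae500940e61faf9d8b14c2c6")

def der_tlv(buf, pos=0):
    """Read one DER element at pos; return (tag, value, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                          # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def der_children(value):
    """Split the body of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, child, pos = der_tlv(value, pos)
        out.append((tag, child))
    return out

def decode_oid(body):
    """Dotted form of an OBJECT IDENTIFIER body (base-128 arcs)."""
    arcs, acc = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def parse_ocsp_request(der):
    """CertID fields and nonce of a one-certificate OCSPRequest (RFC 6960 4.1.1)."""
    _, ocsp_request, _ = der_tlv(der)
    tbs = der_children(der_children(ocsp_request)[0][1])     # tbsRequest members
    request_list = next(v for t, v in tbs if t == 0x30)      # skip optional [0]/[1]
    cert_id = der_children(der_children(request_list)[0][1])[0][1]
    (_, alg), (_, name_hash), (_, key_hash), (_, serial) = der_children(cert_id)
    info = {
        "hash_alg": decode_oid(der_children(alg)[0][1]),
        "issuer_name_hash": name_hash,
        "issuer_key_hash": key_hash,
        "serial": int.from_bytes(serial, "big"),
        "nonce": None,
    }
    for tag, value in tbs:
        if tag != 0xA2:                                      # [2] requestExtensions
            continue
        for _, ext in der_children(der_children(value)[0][1]):
            members = der_children(ext)                      # oid [, critical], extnValue
            if decode_oid(members[0][1]) == OID_OCSP_NONCE:
                info["nonce"] = der_tlv(members[-1][1])[1]   # OCTET STRING in OCTET STRING
    return info

def check_cert_id(info, issuer_dn_der, issuer_key_id):
    """Recompute what the client should have sent; return the list of mismatches."""
    problems = []
    if info["hash_alg"] != OID_SHA1:
        problems.append("hashAlgorithm is not SHA-1")
    if hashlib.sha1(issuer_dn_der).digest() != info["issuer_name_hash"]:
        problems.append("issuerNameHash != SHA-1(issuer DN)")
    if info["issuer_key_hash"] != issuer_key_id:
        problems.append("issuerKeyHash != authorityKeyIdentifier of the leaf")
    return problems

def ocsp_post_head(uri, body_len):
    """HTTP/1.0 request head for an OCSP POST; an empty URI path becomes '/'."""
    parts = urlsplit(uri)
    return (f"POST {parts.path or '/'} HTTP/1.0\r\n"
            f"Host: {parts.netloc}\r\n"
            "Content-Type: application/ocsp-request\r\n"
            "Accept: application/ocsp-response\r\n"
            f"Content-Length: {body_len}\r\n\r\n").encode()

if __name__ == "__main__":
    info = parse_ocsp_request(OCSP_REQUEST)
    print(info["hash_alg"], hex(info["serial"]), info["nonce"].hex())
    print(check_cert_id(info, ISSUER_DN_DER, ISSUER_KEY_ID) or "CertID consistent")
    print(ocsp_post_head("http://r3.o.lencr.org", len(OCSP_REQUEST)).decode(), end="")
```

Run as a script it prints the SHA-1 OID, the serial and nonce from the dump, "CertID consistent", and a 137-byte request head matching frame 33 of the capture. The check is also useful in the other direction: a request built with SHA-256 hashes would fail the first test, which is the mismatch that made the responder reject the earlier requests.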
@airtower-luna
Owner Author

airtower-luna commented Jul 11, 2021

GnuTLSCache doesn't matter for OCSP, the cache for OCSP responses is configured with GnuTLSOCSPCache.

Do the different logs refer to different virtual hosts? I wonder if those failures might be for different certificates. Either way it'd be good to turn up the log level at least to debug; trace1 or trace2 would give some extra info on cache operations.

The messages in tnonline.net-error_log are not about your server certificate (see the DN), they say that stapling an OCSP response for the Let's Encrypt intermediate CA certificate won't work because it doesn't contain a responder URI. If possible, mod_gnutls will staple OCSP responses for the whole certificate chain, but stapling for your server certificate should still work if that's not possible.

Do you get a stapled OCSP response when connecting to your server now?

@Forza-tng

OCSP responses is configured with GnuTLSOCSPCache.

Of course. Fixed that!

Do the different logs refer to different virtual hosts? I wonder if those failures might be for different certificates.

Not in this case. I do run tnonline.net with a different certificate than mirrors.tnonline.net. (I don't use wildcards). The error logs are identical on both vhosts.

I'll add debug logging in apache. Is there a specific debug log setting for mod_gnutls?

I double checked and they are using /etc/letsencrypt/live/mirrors.tnonline.net/fullchain.pem and /etc/letsencrypt/live/tnonline.net/fullchain.pem respectively.

Do you get a stapled OCSP response when connecting to your server now?

No.

 # openssl s_client -connect tnonline.net:443 -status
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = tnonline.net
verify return:1
OCSP response: no response sent
---
Certificate chain
 0 s:CN = tnonline.net
   i:C = US, O = Let's Encrypt, CN = R3
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISBKIv6sYSLO1uqT6i+V5h50W4MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA1MTYwMTEwMzdaFw0yMTA4MTQwMTEwMzdaMBcxFTATBgNVBAMT
DHRub25saW5lLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPGe
rg/jWVgFX7cOUal8+nLyC+XDTUki8CCiaaZEZp3AoEWMOwePMSD9f0YlyMLxRsLu
JdF17/LKlHcI7FabOLv0OqYnOOn55XoznWleSjPVt5TRVUA+W+BtaY1gnCx6fS9p
b1gRjfX69LLxlkE9aP8F7HI+N9NvMO9upHaDv2DJeffuDkIt6dF4urYmUUs4Sl1q
8SqGmgWONGYMmjzSa742nwloP3aD8lvv5iLPY6sMLzFSvNi+9Wernj4iNWUg5AoF
nnl4pUkR0jZu4BQa43+xmt2qc25T5bfaAEzLM+ik/YZvbEtMyRlIDAPHqTVBOJH4
SUyN8vLcaRDr8eVB5KnfzxoLJBVgH5ZFDAxyJTyCM99KNDx7YtUF3H3cZVV9tOAl
H1YkAr5bc+GCxfGrRCau9XY6APokQTqYR6ByEioZ+8Ms1WGtJuIp1GU3WumRPlfP
qqL507Z5cqietHdk/OafQSNKvl3HG8AjXykrwThysrBKqMuJTtFu8Wad+Qr02hbX
4np5elueRBFnBBwW3LJmhSs4fOaxOFPSnetFdtjD6lXtHV1xKO1yX1/4GWdGa8XP
BYtn1i2/VWUsD4eRY1/UPVbTRijTeMPUEnhrZiGBysW99ebsVzDEDlXpc7tJs5Ji
oItQaLh2e6Q0zElxJ6k14B00GZrvbwrjAntCW29PAgMBAAGjggJGMIICQjAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud
EwEB/wQCMAAwHQYDVR0OBBYEFPAyb2Pbd31WFqb18B/GeNWlEE3zMB8GA1UdIwQY
MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF
BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v
cjMuaS5sZW5jci5vcmcvMBcGA1UdEQQQMA6CDHRub25saW5lLm5ldDBMBgNVHSAE
RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw
Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1
AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2xw7KAAABeXLwixIAAAQDAEYw
RAIgaq/MKEgq0zjnfDpL4wbGlEg+r4O+pxYvTK7q3Ic7sl4CIG/CQ4BZzPYEV4pQ
f4LUHKJupLORSIc3NK8l9FaqMXq8AHYAfT7y+I//iFVoJMLAyp5SiXkrxQ54CX8u
apdomX4i8NcAAAF5cvCLOQAABAMARzBFAiABoKGIl3Ymb/jBJVdz5M/Z/gnVP4hf
yNeeIwOwWHdlGgIhAKglKAqpJ+Gv38ZFJCN5r+SI4RRe/5XhAOW3WZI/6CnnMA0G
CSqGSIb3DQEBCwUAA4IBAQAp8+vR/lurOjV6oHZwaV0BsdErtacVC4O4sKcAlYjG
qMqGdU5/e9kLkTtmpDTV0VZmMlAXM+igsVc1H6n6Eo6uIx96bIXcAVR+YWbTPNL4
BtwOp8J1zG7w7WNgf5cKtETgGoOudsEvLcjmvmJCrjEKzF152rd21lk/Tv3c3nOi
/dSfCAR9J4mK0NymU52QL8U8SaCfj19EDH2NOHyKdiAwPPjzZgBsYrSFX1k3tDX0
4YLdJnQVWoH2uE7qe3tjou90UFR+hPbTIxbkhPwl7hMcWU/tAcwqF1Hyp71NCccp
AbbxoMl0d70g2H+MYdqOIN36ssE1LnE5ZFhpNHUWOODD
-----END CERTIFICATE-----
subject=CN = tnonline.net

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 5061 bytes and written 387 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_CHACHA20_POLY1305_SHA256
Server public key is 4096 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Can also be checked with https://www.ssllabs.com/ssltest/analyze.html?d=tnonline.net&s=81.170.131.138&hideResults=on&latest

@airtower-luna
Copy link
Owner Author

I'll add debug logging in apache. Is there a specific debug log setting for mod_gnutls?

Mod_gnutls uses the Apache log facilities, so you can just use the LogLevel directive as usual, e.g.:

LogLevel	info	gnutls:trace2

@Forza-tng
Copy link

Forza-tng commented Jul 11, 2021

I'll add debug logging in apache. Is there a specific debug log setting for mod_gnutls?

Mod_gnutls uses the Apache log facilities, so you can just use the LogLevel directive as usual, e.g.:

LogLevel	info	gnutls:trace2

Great! Thank you. I can see that we are indeed getting an OCSP response, though I am not sure how to correctly interpret the results. I connected from a local terminal with links http://tnonline.net.

I'm available on #mod_gnutls over at irc.libera.chat and irc.indymedia.org if you think it would be better to continue on IRC.

tnonline.net-error_log

[Sun Jul 11 16:15:17.490287 2021] [gnutls:debug] [pid 36479:tid 140612798117760] gnutls_hooks.c(525): set_default_dh_param: Setting DH params for security level 'Medium'.
[Sun Jul 11 16:15:17.491911 2021] [gnutls:warn] [pid 36479:tid 140612798117760] Could not create OCSP stapling configuration for certificate 1 in chain (CN=R3,O=Let's Encrypt,C=US): No OCSP URI in the certificate nor a GnuTLSOCSPResponseFile setting, cannot configure OCSP stapling.
[Sun Jul 11 16:15:17.491923 2021] [gnutls:info] [pid 36479:tid 140612798117760] Configured OCSP stapling for 1 certificates for tnonline.net:443.
[Sun Jul 11 16:15:17.540557 2021] [gnutls:debug] [pid 36480:tid 140612798117760] gnutls_hooks.c(525): set_default_dh_param: Setting DH params for security level 'Medium'.
[Sun Jul 11 16:15:17.541755 2021] [gnutls:warn] [pid 36480:tid 140612798117760] Could not create OCSP stapling configuration for certificate 1 in chain (CN=R3,O=Let's Encrypt,C=US): No OCSP URI in the certificate nor a GnuTLSOCSPResponseFile setting, cannot configure OCSP stapling.
[Sun Jul 11 16:15:17.541779 2021] [gnutls:info] [pid 36480:tid 140612798117760] Configured OCSP stapling for 1 certificates for tnonline.net:443.
[Sun Jul 11 16:15:43.916065 2021] [gnutls:debug] [pid 36512:tid 140612412868160] gnutls_hooks.c(1451): [client 192.168.0.1:53022] mgs_hook_authz: verify mode is "ignore"
[Sun Jul 11 16:15:43.916317 2021] [gnutls:debug] [pid 36512:tid 140612412868160] gnutls_hooks.c(1451): [client 192.168.0.1:53022] mgs_hook_authz: verify mode is "ignore"
[Sun Jul 11 16:15:44.018657 2021] [gnutls:debug] [pid 36512:tid 140612196103744] gnutls_hooks.c(1451): [client 192.168.0.1:53022] mgs_hook_authz: verify mode is "ignore"
[Sun Jul 11 16:15:44.018959 2021] [gnutls:debug] [pid 36512:tid 140612196103744] gnutls_hooks.c(1451): [client 192.168.0.1:53022] mgs_hook_authz: verify mode is "ignore"

ssl-error_log

[Sun Jul 11 16:15:17.502174 2021] [gnutls:info] [pid 36479:tid 140612798117760] Cannnot enable OCSP stapling for host 'localhost:443': No issuer (CA) certificate available, cannot enable stapling. Please add it to the GnuTLSCertificateFile.
[Sun Jul 11 16:15:17.502189 2021] [gnutls:trace1] [pid 36479:tid 140612798117760] gnutls_hooks.c(516): set_default_dh_param: GnuTLS security param estimated based on private key '/etc/ssl/apache2/server.key': High
[Sun Jul 11 16:15:17.502192 2021] [gnutls:debug] [pid 36479:tid 140612798117760] gnutls_hooks.c(525): set_default_dh_param: Setting DH params for security level 'High'.
[Sun Jul 11 16:15:17.549575 2021] [gnutls:info] [pid 36480:tid 140612798117760] Cannnot enable OCSP stapling for host 'localhost:443': No issuer (CA) certificate available, cannot enable stapling. Please add it to the GnuTLSCertificateFile.
[Sun Jul 11 16:15:17.549602 2021] [gnutls:trace1] [pid 36480:tid 140612798117760] gnutls_hooks.c(516): set_default_dh_param: GnuTLS security param estimated based on private key '/etc/ssl/apache2/server.key': High
[Sun Jul 11 16:15:17.549611 2021] [gnutls:debug] [pid 36480:tid 140612798117760] gnutls_hooks.c(525): set_default_dh_param: Setting DH params for security level 'High'.
[Sun Jul 11 16:15:43.677054 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_hooks.c(1059): [client 192.168.0.1:53022] early_sni_hook found SNI name: 'tnonline.net'
[Sun Jul 11 16:15:43.677114 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_hooks.c(993): [client 192.168.0.1:53022] mgs_find_sni_server: client requested server 'tnonline.net'.
[Sun Jul 11 16:15:43.677246 2021] [gnutls:debug] [pid 36512:tid 140612412868160] gnutls_hooks.c(1070): [client 192.168.0.1:53022] early_sni_hook: Selected virtual host tnonline.net from early SNI, connection server is localhost.
[Sun Jul 11 16:15:43.677271 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_hooks.c(216): [client 192.168.0.1:53022] prepare_alpn_proposals: Found 2 protocol upgrade(s) for ALPN: h2,h2c
[Sun Jul 11 16:15:43.677281 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_hooks.c(230): [client 192.168.0.1:53022] prepare_alpn_proposals: Adding current protocol http/1.1 to ALPN set.
[Sun Jul 11 16:15:43.677344 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_hooks.c(252): [client 192.168.0.1:53022] process_alpn_result: No ALPN result: The requested data were not available. (-56)
[Sun Jul 11 16:15:43.677457 2021] [gnutls:warn] [pid 36512:tid 140612412868160] (20014)Internal error (specific information not available): error fetching from cache 'dbm:/var/run/apache2/gnutls_oscp_cache'
[Sun Jul 11 16:15:43.677479 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_ocsp.c(844): (20014)Internal error (specific information not available): [client 192.168.0.1:53022] Fetching OCSP response from cache failed.
[Sun Jul 11 16:15:43.677516 2021] [gnutls:debug] [pid 36512:tid 140612412868160] gnutls_ocsp.c(862): [client 192.168.0.1:53022] No valid OCSP response in cache, trying to update.
[Sun Jul 11 16:15:43.677895 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(712): created OCSP request for localhost:443: 307f307d304f304d304b300906052b0e03021a0500041448dac9a0fb2bd32d4ff0de68d2f567b735f9b3c40414142eb317b75856cbae500940e61faf9d8b14c2c6021204a22feac6122ced6ea93ea2f95e61e745b8a22a3028302606092b06010505073001020419041776cc1f4a666d92024ffe7eafbaafa525e4464d3e5ab5a8
[Sun Jul 11 16:15:43.677934 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(510): OCSP POST header: POST / HTTP/1.0\r\nHost: r3.o.lencr.org\r\nContent-Type: application/ocsp-request\r\nAccept: application/ocsp-response\r\nContent-Length: 129\r\n\r\n
[Sun Jul 11 16:15:43.887773 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Server: nginx
[Sun Jul 11 16:15:43.887830 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Content-Type: application/ocsp-response
[Sun Jul 11 16:15:43.887838 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Content-Length: 503
[Sun Jul 11 16:15:43.887844 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: ETag: "31E258B631DBD9B6EFD7D1150B02BADDA6ACB83D4AE0F31B4AC864B5A32E98C2"
[Sun Jul 11 16:15:43.887850 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Last-Modified: Fri, 09 Jul 2021 02:00:00 UTC
[Sun Jul 11 16:15:43.887857 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Cache-Control: public, no-transform, must-revalidate, max-age=43200
[Sun Jul 11 16:15:43.887863 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Expires: Mon, 12 Jul 2021 02:15:43 GMT
[Sun Jul 11 16:15:43.887868 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Date: Sun, 11 Jul 2021 14:15:43 GMT
[Sun Jul 11 16:15:43.887875 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_ocsp.c(594): Received header: Connection: close
[Sun Jul 11 16:15:43.888370 2021] [gnutls:info] [pid 36512:tid 140612412868160] (20014)Internal error (specific information not available): Reason for failed OCSP response verification: Signer cert keyusage error
[Sun Jul 11 16:15:43.888409 2021] [gnutls:debug] [pid 36512:tid 140612412868160] gnutls_ocsp.c(741): (20014)Internal error (specific information not available): OCSP response validation failed, cannot update cache.
[Sun Jul 11 16:15:43.888425 2021] [gnutls:error] [pid 36512:tid 140612412868160] (20014)Internal error (specific information not available): [client 192.168.0.1:53022] Caching a fresh OCSP response failed
[Sun Jul 11 16:15:43.888516 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_cache.c(131): stored 1 bytes of data (20 byte key) in cache 'dbm:/var/run/apache2/gnutls_oscp_cache'
[Sun Jul 11 16:15:43.915113 2021] [gnutls:debug] [pid 36512:tid 140612412868160] gnutls_io.c(574): [client 192.168.0.1:53022] mgs_filter_input: TLS connection opened.
[Sun Jul 11 16:15:43.915394 2021] [gnutls:trace1] [pid 36512:tid 140612412868160] gnutls_hooks.c(1317): [client 192.168.0.1:53022] mgs_req_vhost_check: Checking request hostname against SNI name 'tnonline.net'.
[Sun Jul 11 16:15:44.017806 2021] [gnutls:debug] [pid 36512:tid 140612412868160] mod_gnutls.c(194): [client 192.168.0.1:53022] unsupported variable requested: 'SSL_COMPRESS_METHOD'
[Sun Jul 11 16:15:44.018057 2021] [gnutls:trace2] [pid 36512:tid 140612412868160] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:53022] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Sun Jul 11 16:15:44.018215 2021] [gnutls:trace1] [pid 36512:tid 140612196103744] gnutls_hooks.c(1317): [client 192.168.0.1:53022] mgs_req_vhost_check: Checking request hostname against SNI name 'tnonline.net'.
[Sun Jul 11 16:15:44.018907 2021] [gnutls:trace1] [pid 36512:tid 140612196103744] gnutls_hooks.c(1317): [client 192.168.0.1:53022] mgs_req_vhost_check: Checking request hostname against SNI name 'tnonline.net'.
[Sun Jul 11 16:15:44.136342 2021] [gnutls:debug] [pid 36512:tid 140612196103744] mod_gnutls.c(194): [client 192.168.0.1:53022] unsupported variable requested: 'SSL_COMPRESS_METHOD'
[Sun Jul 11 16:15:44.136592 2021] [gnutls:trace2] [pid 36512:tid 140612196103744] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:53022] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Sun Jul 11 16:15:59.060991 2021] [gnutls:info] [pid 36512:tid 140612187711040] (70014)End of file found: [client 192.168.0.1:53022] GnuTLS: Error reading data. (-54) 'Error in the pull function.'
[Sun Jul 11 16:15:59.061131 2021] [gnutls:debug] [pid 36512:tid 140612187711040] gnutls_io.c(540): [client 192.168.0.1:53022] mgs_bye: TLS connection closed.

@airtower-luna
Copy link
Owner Author

This is where things go wrong:

[Sun Jul 11 16:15:43.888370 2021] [gnutls:info] [pid 36512:tid 140612412868160] (20014)Internal error (specific information not available): Reason for failed OCSP response verification: Signer cert keyusage error
[Sun Jul 11 16:15:43.888409 2021] [gnutls:debug] [pid 36512:tid 140612412868160] gnutls_ocsp.c(741): (20014)Internal error (specific information not available): OCSP response validation failed, cannot update cache.

The relevant code is this:

ret = gnutls_ocsp_resp_verify(resp, *(req_data->trust), &verify, 0);
if (ret != GNUTLS_E_SUCCESS)
{
    ap_log_error(APLOG_MARK, APLOG_ERR, APR_EGENERAL, s,
                 "OCSP response verification failed: %s (%d)",
                 gnutls_strerror(ret), ret);
    goto resp_cleanup;
}
else
{
    /* verification worked, check the result */
    if (verify != 0)
    {
        _log_verify_fail_reason(verify, s);

The last line in that block logs the error message based on the value written to verify by the call to gnutls_ocsp_resp_verify() at the top, with the exact message depending on the error code in verify. Looks like the verification code doesn't like the signer certificate, which is the CA certificate itself.

This seems to be where things go wrong: https://gitlab.com/gnutls/gnutls/-/blob/c70941cea73cb38e0d27395e63aafca12dac9a72/lib/x509/ocsp.c#L2380-2386

The way I understand RFC 6960, section 4.2.2.2 the id-kp-OCSPSigning key purpose is only needed when using a delegated signer (and not the CA itself), in which case the remaining issue would be a bug in GnuTLS itself.

@Forza-tng
Copy link

The way I understand RFC 6960, section 4.2.2.2 the id-kp-OCSPSigning key purpose is only needed when using a delegated signer (and not the CA itself), in which case the remaining issue would be a bug in GnuTLS itself.

I am very grateful you helped out so much. I do not know the details of the RFC. Perhaps you can talk to GnuTLS devs about it?

@airtower-luna
Copy link
Owner Author

Perhaps you can talk to GnuTLS devs about it?

I intend to. I have a half-finished reproducer and an idea for a fix, which I'll be able to test when the reproducer is done. 🙂

I'll probably merge this after creating the issue, and I'll definitely leave a link here.

The detour over a trust list is unnecessary by using
gnutls_ocsp_resp_verify_direct(), which simplifies the code a lot, and
also avoids a current bug in gnutls_ocsp_resp_verify() [1].

[1] https://gitlab.com/gnutls/gnutls/-/issues/1254
@airtower-luna
Copy link
Owner Author

While looking at fixing gnutls_ocsp_resp_verify() I noticed there's another function gnutls_ocsp_resp_verify_direct(), which doesn't share the bug and actually lets me simplify the code because it only uses the issuer certificate for verification, not a customizable trust list. I'm not sure why I didn't use that back when I wrote that code, but it works now. 🙂

@Forza-tng, could you check if this solves the errors you're seeing? One additional note: I see in the logs you've configured a dbm cache. Last time I tried that mod_socache_dbm enforced a size limit for values that was too small for the OCSP responses I was working with. If that affects you, try using shmcb instead.

The GnuTLS bug report regarding gnutls_ocsp_resp_verify() is here: https://gitlab.com/gnutls/gnutls/-/issues/1254

@airtower-luna airtower-luna changed the title Use SHA1 for issuer name hash and issuer key hash Fix OCSP response handling errors with Let's Encrypt Jul 13, 2021
@airtower-luna airtower-luna merged commit 70cf137 into main Jul 17, 2021
@airtower-luna airtower-luna deleted the ocsp-hash branch July 17, 2021 10:47
@Forza-tng
Copy link

While looking at fixing gnutls_ocsp_resp_verify() I noticed there's another function gnutls_ocsp_resp_verify_direct(), which doesn't share the bug and actually lets me simplify the code because it only uses the issuer certificate for verification, not a customizable trust list. I'm not sure why I didn't use that back when I wrote that code, but it works now. 🙂

@Forza-tng, could you check if this solves the errors you're seeing? One additional note: I see in the logs you've configured a dbm cache. Last time I tried that mod_socache_dbm enforced a size limit for values that was too small for the OCSP responses I was working with. If that affects you, try using shmcb instead.

The GnuTLS bug report regarding gnutls_ocsp_resp_verify() is here: https://gitlab.com/gnutls/gnutls/-/issues/1254

Hi again. Sorry for the late reply. I was travelling.

OCSP stapling does work now. I can see requests being made, verified and stored in shmcb cache. :)

When I use trace2 log level I can see some errors, but they do not seem fatal and I am not sure if they are related to this OCSP issue.

[Wed Jul 21 09:27:22.213812 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_ocsp.c(824): (20014)Internal error (specific information not available): [client 192.168.0.1:47458] Fetching OCSP response from cache failed.
..
[Wed Jul 21 09:27:22.439066 2021] [gnutls:error] [pid 22013:tid 140689051219520] (20014)Internal error (specific information not available): Could not get OCSP response nonce: The requested data were not available. (-56)
[Wed Jul 21 09:27:22.439085 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_ocsp.c(721): (20014)Internal error (specific information not available): OCSP response validation failed, cannot update cache.
[Wed Jul 21 09:27:22.439096 2021] [gnutls:error] [pid 22013:tid 140689051219520] (20014)Internal error (specific information not available): [client 192.168.0.1:47458] Caching a fresh OCSP response failed

This is the output in ssl_error_log when doing curl -i https://tnonline.net:443

[Wed Jul 21 09:27:22.213661 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_hooks.c(1059): [client 192.168.0.1:47458] early_sni_hook found SNI name: 'tnonline.net'
[Wed Jul 21 09:27:22.213684 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_hooks.c(993): [client 192.168.0.1:47458] mgs_find_sni_server: client requested server 'tnonline.net'.
[Wed Jul 21 09:27:22.213726 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_hooks.c(961): [client 192.168.0.1:47458] GnuTLS: the certificate doesn't match requested hostname 'localhost'
[Wed Jul 21 09:27:22.213739 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_hooks.c(1070): [client 192.168.0.1:47458] early_sni_hook: Selected virtual host tnonline.net from early SNI, connection server is localhost.
[Wed Jul 21 09:27:22.213749 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_hooks.c(216): [client 192.168.0.1:47458] prepare_alpn_proposals: Found 2 protocol upgrade(s) for ALPN: h2,h2c
[Wed Jul 21 09:27:22.213752 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_hooks.c(230): [client 192.168.0.1:47458] prepare_alpn_proposals: Adding current protocol http/1.1 to ALPN set.
[Wed Jul 21 09:27:22.213783 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_hooks.c(293): [client 192.168.0.1:47458] process_alpn_result: Switching protocol to 'h2' based on ALPN.
[Wed Jul 21 09:27:22.213806 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_cache.c(191): (70015)Could not find specified socket in poll list.: requested entry not found in cache 'shmcb:/var/run/apache2/gnutls_oscp_cache(512000)'.
[Wed Jul 21 09:27:22.213812 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_ocsp.c(824): (20014)Internal error (specific information not available): [client 192.168.0.1:47458] Fetching OCSP response from cache failed.
[Wed Jul 21 09:27:22.213815 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_ocsp.c(842): [client 192.168.0.1:47458] No valid OCSP response in cache, trying to update.
[Wed Jul 21 09:27:22.213930 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(692): created OCSP request for localhost:443: 307f307d304f304d304b300906052b0e03021a0500041448dac9a0fb2bd32d4ff0de68d2f567b735f9b3c40414142eb317b75856cbae500940e61faf9d8b14c2c60212039ddcfd375dfc4e38a295306202dec41abda22a3028302606092b0601050507300102041904176dd31c1bb55e7a8c54abed4662b41a3f2865f948c7bf04
[Wed Jul 21 09:27:22.213940 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(490): OCSP POST header: POST / HTTP/1.0\r\nHost: r3.o.lencr.org\r\nContent-Type: application/ocsp-request\r\nAccept: application/ocsp-response\r\nContent-Length: 129\r\n\r\n
[Wed Jul 21 09:27:22.438537 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Server: nginx
[Wed Jul 21 09:27:22.438571 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Content-Type: application/ocsp-response
[Wed Jul 21 09:27:22.438597 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Content-Length: 503
[Wed Jul 21 09:27:22.438603 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: ETag: "408BC405D749D5728098DFE7B3F5D1F7D30CB1ACBBC15848258263B66CD66399"
[Wed Jul 21 09:27:22.438609 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Last-Modified: Wed, 21 Jul 2021 02:00:00 UTC
[Wed Jul 21 09:27:22.438614 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Cache-Control: public, no-transform, must-revalidate, max-age=43200
[Wed Jul 21 09:27:22.438620 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Expires: Wed, 21 Jul 2021 19:27:22 GMT
[Wed Jul 21 09:27:22.438624 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Date: Wed, 21 Jul 2021 07:27:22 GMT
[Wed Jul 21 09:27:22.438629 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_ocsp.c(574): Received header: Connection: close
[Wed Jul 21 09:27:22.439046 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_ocsp.c(323): OCSP response signature is valid.
[Wed Jul 21 09:27:22.439066 2021] [gnutls:error] [pid 22013:tid 140689051219520] (20014)Internal error (specific information not available): Could not get OCSP response nonce: The requested data were not available. (-56)
[Wed Jul 21 09:27:22.439085 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_ocsp.c(721): (20014)Internal error (specific information not available): OCSP response validation failed, cannot update cache.
[Wed Jul 21 09:27:22.439096 2021] [gnutls:error] [pid 22013:tid 140689051219520] (20014)Internal error (specific information not available): [client 192.168.0.1:47458] Caching a fresh OCSP response failed
[Wed Jul 21 09:27:22.439116 2021] [gnutls:trace1] [pid 22013:tid 140689051219520] gnutls_cache.c(131): stored 1 bytes of data (20 byte key) in cache 'shmcb:/var/run/apache2/gnutls_oscp_cache(512000)'
[Wed Jul 21 09:27:22.462219 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_io.c(574): [client 192.168.0.1:47458] mgs_filter_input: TLS connection opened.
[Wed Jul 21 09:27:22.462307 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.462366 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.465557 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.465662 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.465692 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.465748 2021] [gnutls:trace1] [pid 22013:tid 140689068004928] gnutls_hooks.c(1243): [client 192.168.0.1:47458] mgs_hook_pre_connection declined secondary connection
[Wed Jul 21 09:27:22.465777 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.465834 2021] [gnutls:trace1] [pid 22013:tid 140689068004928] gnutls_hooks.c(1317): [client 192.168.0.1:47458] mgs_req_vhost_check: Checking request hostname against SNI name 'tnonline.net'.
[Wed Jul 21 09:27:22.465877 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.466021 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.466186 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.466431 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.466842 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.467598 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.468983 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.471668 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.476919 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.487286 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.507901 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.548999 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.564658 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.564785 2021] [gnutls:trace2] [pid 22013:tid 140689051219520] gnutls_io.c(270): (4)Interrupted system call: [client 192.168.0.1:47458] gnutls_io_input_read: looping recv after 'Function was interrupted.' (-52)
[Wed Jul 21 09:27:22.565449 2021] [gnutls:debug] [pid 22013:tid 140689051219520] gnutls_io.c(540): [client 192.168.0.1:47458] mgs_bye: TLS connection closed.
[Wed Jul 21 09:27:22.565468 2021] [gnutls:info] [pid 22013:tid 140689051219520] [client 192.168.0.1:47458] GnuTLS: Error writing data. (-50) 'The request is invalid.'

@airtower-luna
Copy link
Owner Author

Hm, the log looks like mod_gnutls gets a response from the OCSP responder now, but then discards it because the nonce is invalid. The Let's Encrypt responder doesn't support the nonce extension, so that check fails. Did you enable GnuTLSOCSPCheckNonce in the configuration? It should be off by default, so try removing or disabling it.

@Forza-tng
Copy link

Hm, the log looks like mod_gnutls gets a response from the OCSP responder now, but then discards it because the nonce is invalid. The Let's Encrypt responder doesn't support the nonce extension, so that check fails. Did you enable GnuTLSOCSPCheckNonce in the configuration? It should be off by default, so try removing or disabling it.

I didn't have GnuTLSOCSPCheckNonce in any config file, but I added GnuTLSOCSPCheckNonce off. No change though.

@airtower-luna
Copy link
Owner Author

That leaves me extremely confused. Assuming you're running the current code from this Git repository, there should be no way that code runs with GnuTLSOCSPCheckNonce disabled:

if (nonce != NULL && sc->ocsp_check_nonce)
{
    gnutls_datum_t resp_nonce;
    ret = gnutls_ocsp_resp_get_nonce(resp, 0, &resp_nonce);
    if (ret != GNUTLS_E_SUCCESS)
    {
        ap_log_error(APLOG_MARK, APLOG_ERR, APR_EGENERAL, s,
                     "Could not get OCSP response nonce: %s (%d)",
                     gnutls_strerror(ret), ret);

Also in my local test environment an OCSP response without a nonce is accepted just fine.
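An added diagnostic for the trace2 logs in this thread, not code from the thread or from mod_gnutls: a minimal DER walker over the "created OCSP request" hex that mod_gnutls logged, which shows the CertID hashes are SHA-1 (the algorithm RFC 5019 requires responders to accept) and that the request carried a nonce extension. The nonce_check_fails() helper is a hypothetical restatement of the condition in the gnutls_ocsp.c excerpt above, to show why a responder that omits the nonce only causes a failure when GnuTLSOCSPCheckNonce is on.

```python
"""Decode the OCSP request that mod_gnutls logged at trace2 level.

Added example for this thread, not mod_gnutls code. It walks the DER
structure of an OCSPRequest (RFC 6960, section 4.1.1) with a small
hand-written parser, enough to show which hash algorithm the CertID
uses and whether a nonce extension (RFC 6960, section 4.4.1) was sent.
"""
from typing import Optional

# Hex copied from the "created OCSP request for localhost:443" trace2 line
# in the thread (the 11 July log).
LOGGED_REQUEST_HEX = (
    "307f307d304f304d304b300906052b0e03021a0500041448dac9a0fb2bd32d4f"
    "f0de68d2f567b735f9b3c40414142eb317b75856cbae500940e61faf9d8b14c2"
    "c6021204a22feac6122ced6ea93ea2f95e61e745b8a22a3028302606092b0601"
    "0505073001020419041776cc1f4a666d92024ffe7eafbaafa525e4464d3e5ab5a8"
)

SHA1_OID = "1.3.14.3.2.26"               # id-sha1, the hash RFC 5019 mandates
OCSP_NONCE_OID = "1.3.6.1.5.5.7.48.1.2"  # id-pkix-ocsp-nonce


def read_tlv(buf: bytes, pos: int):
    """Read one DER tag/length/value at pos; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                    # long-form length (not used by this request)
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def children(value: bytes):
    """Yield (tag, value) for every TLV inside a constructed value."""
    pos = 0
    while pos < len(value):
        tag, inner, pos = read_tlv(value, pos)
        yield tag, inner


def decode_oid(value: bytes) -> str:
    """Decode DER OID content bytes into dotted notation."""
    parts = [value[0] // 40, value[0] % 40]
    acc = 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            parts.append(acc)
            acc = 0
    return ".".join(str(p) for p in parts)


def parse_ocsp_request(der: bytes) -> dict:
    """Extract the CertID fields and the nonce from a single-request OCSPRequest."""
    _, ocsp_req, _ = read_tlv(der, 0)             # OCSPRequest ::= SEQUENCE
    tbs = next(children(ocsp_req))[1]             # tbsRequest (optionalSignature ignored)
    result = {"nonce": None}
    for tag, value in children(tbs):
        if tag == 0x30:                           # requestList SEQUENCE OF Request
            request = next(children(value))[1]    # first (and here only) Request
            cert_id = next(children(request))[1]  # reqCert CertID
            alg, name_hash, key_hash, serial = [v for _, v in children(cert_id)]
            result.update(
                hash_algorithm=decode_oid(next(children(alg))[1]),
                issuer_name_hash=name_hash.hex(),  # hash of the issuer DN
                issuer_key_hash=key_hash.hex(),    # hash of the issuer public key
                serial_number=int.from_bytes(serial, "big"),
            )
        elif tag == 0xA2:                         # [2] EXPLICIT requestExtensions
            extensions = next(children(value))[1]
            for _, ext in children(extensions):
                fields = [v for _, v in children(ext)]
                # Extension ::= { extnID, critical DEFAULT FALSE, extnValue }
                if decode_oid(fields[0]) == OCSP_NONCE_OID:
                    # extnValue wraps the nonce in a further OCTET STRING
                    result["nonce"] = next(children(fields[-1]))[1].hex()
    return result


def nonce_check_fails(request: dict, response_nonce: Optional[bytes],
                      check_nonce: bool) -> bool:
    """Hypothetical mirror of the mod_gnutls condition quoted in the thread:
    the nonce is compared only if the request carried one AND
    GnuTLSOCSPCheckNonce is on; a responder that omits it then fails."""
    if request["nonce"] is None or not check_nonce:
        return False
    return response_nonce is None or response_nonce.hex() != request["nonce"]


if __name__ == "__main__":
    req = parse_ocsp_request(bytes.fromhex(LOGGED_REQUEST_HEX))
    for key, val in req.items():
        print(f"{key}: {val}")
    print("uses SHA-1 CertID:", req["hash_algorithm"] == SHA1_OID)
    # The Let's Encrypt responder returns no nonce, so:
    print("fails with GnuTLSOCSPCheckNonce on :", nonce_check_fails(req, None, True))
    print("fails with GnuTLSOCSPCheckNonce off:", nonce_check_fails(req, None, False))
```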

@airtower-luna
Copy link
Owner Author

In case anyone else finds this later, #5 has the fix for the secondary problem. 🙂

Successfully merging this pull request may close these issues.

mod_gnutls does not support Let's Encrypt OSCP