Hi,
Thank your for raising this.
This was caused by haproxy which could not be reloaded because I played around with the IPv6 configuration of our main firewall in Hannover. Therefore the updated OCSP responses were not delivered.
It is fixed now and you should change your setting back.
Best, -Michael
On 13 Oct 2019, at 00:25, Matthias Fischer matthias.fischer@ipfire.org wrote:
Hi,
today, suddenly patchwork.ipfire.org stopped working. Reloading the page several times doesn't help. Firefox 69.0.3 keeps telling me:
***SNIP*** Secure Connection Failed
An error occurred during a connection to patchwork.ipfire.org. A required TLS feature is missing. Error code: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. ***SNAP***
Setting "security.ssl.enable_ocsp_must_staple" in about:config to "false" temporarily fixes this, but could it be that there is a problem with the "Let's Encrypt" certificate!?
Can anyone confirm?
Best, Matthias
P.S.: Possible solution (german!) => https://www.kuketz-blog.de/nginx-aktivierung-von-ocsp-must-staple-ohne-timeo...