Mid server OCSPCheck connection, timeout: http://ocsp.digicert.com

panda1 · ‎08-31-2022

Call the outbound rest API through the mid server

The following error was obtained:

Request not sent to uri= https://xxxxx: org.apache.commons.httpclient.HttpException: The host did not accept the connection within timeout of 10000 ms *.xxx: The host did not accept the connection within timeout of 10000 ms *.xxxxx

In fact, on the mid server browser, i can normally open this URL

When I check the log of the mid server，Got this warning

WARNING *** WARNING *** OCSPCheck connection timeout: http://ocsp.digicert.com

What should I do to check this problem，Any suggestions are helpful. Thank you very much

Maik Skoddow · ‎09-06-2022

Hi

do you have IP address access restrictions activated? If so these restriction will block the OSCP checks.

As a workaround, you can disable them by

turn off the OCSP Checks by navigating to: MID Server > MID Security Policy -> deactivate all checks.

add the following properties into the "Less common options" on the MID Server config.xml:

<parameter name="mid.ssl.bootstrap.default.check_cert_hostname" value="false"/> 
<parameter name="mid.ssl.bootstrap.default.check_cert_chain" value="false"/>
<parameter name="mid.ssl.bootstrap.default.check_cert_revocation" value="false"/>

Maik

View solution in original post

Maik Skoddow · ‎09-06-2022

Hi

do you have IP address access restrictions activated? If so these restriction will block the OSCP checks.

As a workaround, you can disable them by

turn off the OCSP Checks by navigating to: MID Server > MID Security Policy -> deactivate all checks.

add the following properties into the "Less common options" on the MID Server config.xml:

<parameter name="mid.ssl.bootstrap.default.check_cert_hostname" value="false"/> 
<parameter name="mid.ssl.bootstrap.default.check_cert_chain" value="false"/>
<parameter name="mid.ssl.bootstrap.default.check_cert_revocation" value="false"/>

Maik