OCSP Must Staple - Let's Encrypt - ending our support for that feature #6271
Labels
Comments
|
mailcow doesn’t use OCSP Must-Staple, so no action is needed. |
|
you are totally right - I need to excuse myself for opening the ticket. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
Hi - just got an email and I did not found any changes / pulls lately on this:
The certificates for the hostnames below (issued by the Let's Encrypt account associated with this email address) use a feature called "OCSP Must Staple." We are ending our support for that feature (https://letsencrypt.org/2024/12/05/ending-ocsp), along with our support for OCSP in general, and replacing it with Certificate Revocation Lists (https://letsencrypt.org/2022/09/07/new-life-for-crls).
After May 7th, 2025, requests for certificates with "OCSP Must Staple" will fail.
To ensure your certificates continue to automatically renew, please change your ACME client configuration to not request OCSP Must Staple.
Motivation
Let's Encrypt will continue to work as the mail list all my MailCow Domains I assume the setting is set to "must staple"
Additional context
No response
The text was updated successfully, but these errors were encountered: