OSCP error with Let's Encrypt

[rija]

Errors preventing SSL handshake caused web site to become suddenly unavailable:

2017/07/15 00:16:20 [error] 44#44: OCSP_check_validity() failed (SSL: error:2707307D:OCSP routines:OCSP_check_validity:status expired) while requesting certificate status, respond
er: ocsp.int-x3.letsencrypt.org

The certificate is not expired and Let's Encrypt OSCP server responds to ping and resolve with dig

openssl s_client -connect <website>:443 -tls1  -tlsextdebug -status

return handshake errors.

Temporary workaround is to force renew the certificate again.

[leftdevel]

@rija. How do you force renewal? Thank you.