Let’s Encrypt to Discontinue OCSP Support by 2025
/ 1 min read
🔒🌲 Let’s Encrypt to phase out OCSP services by 2025, prioritizing privacy and efficiency. The Certificate Authority announced a timeline for discontinuing support for the Online Certificate Status Protocol (OCSP), with key dates including the failure of OCSP Must-Staple requests starting January 30, 2025, and the complete shutdown of OCSP responders by August 6, 2025. This decision aims to enhance user privacy, as OCSP can expose users’ browsing habits to CAs, while Certificate Revocation Lists (CRLs) do not carry this risk. Let’s Encrypt encourages users relying on OCSP to transition to CRLs and adjust their configurations accordingly, as the shift is expected to streamline operations and improve compliance.
Source

Original