Let’s Encrypt to End OCSP Support by May 2025
/ 1 min read
🔄 Let’s Encrypt to End OCSP Support, Shifting to Short-Lived Certificates. Let’s Encrypt announced it will cease support for the Online Certificate Status Protocol (OCSP) by May 2025, citing its ineffectiveness in enhancing security and the high operational costs associated with it. The decision follows a broader industry trend, as the CA/Browser Forum voted to make OCSP optional and promote short-lived certificates, which will be available starting in 2025. This shift aims to address long-standing issues with OCSP, including performance problems and privacy concerns, while transitioning to a two-tier certificate system. As OCSP fades, the reliance on Certificate Revocation Lists (CRLs) will increase, although the effectiveness of this approach remains uncertain.
