From fe09f6d096d3acac25721e29aab0cad25b0b110c Mon Sep 17 00:00:00 2001
From: Christian <zeeZ@users.noreply.github.com>
Date: Tue, 23 Aug 2022 00:38:09 +0200
Subject: [PATCH] Don't error log when no OCSP responder URL exists (#8881)

---
 rootfs/etc/nginx/lua/certificate.lua | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/rootfs/etc/nginx/lua/certificate.lua b/rootfs/etc/nginx/lua/certificate.lua
index 630462fab..48c8d7134 100644
--- a/rootfs/etc/nginx/lua/certificate.lua
+++ b/rootfs/etc/nginx/lua/certificate.lua
@@ -120,10 +120,14 @@ end
 -- While this has no functional implications, it generates extra load on OCSP servers.
 local function fetch_and_cache_ocsp_response(uid, der_cert)
   local url, err = ocsp.get_ocsp_responder_from_der_chain(der_cert)
-  if not url then
+  if not url and err then
     ngx.log(ngx.ERR, "could not extract OCSP responder URL: ", err)
     return
   end
+  if not url and not err then
+    ngx.log(ngx.DEBUG, "no OCSP responder URL returned")
+    return
+  end
 
   local request
   request, err = ocsp.create_ocsp_request(der_cert)