问题：

环境：Nginx，Node.js

我在resolver中使用的IP地址是google的公共DNS服务器。

http {



 resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844];



 server {



 listen 443 ssl http2;


 listen [::]:443 ssl http2;



 server_name example.com;



 ssl_stapling on;


 ssl_stapling_verify on;


 ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;



 root /srv/example/views/public;



 ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;


 ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;



 location / {


 proxy_pass http://127.0.0.1:8080;


 }



 }



}

但是当我resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844]; 启动服务器和请求页面我收到error.log中的警告，同时，在浏览器中一切正常，不会向客户端发送错误或警告。

2020/12/11 20:04:24 [warn] 1191#1191 : no resolver defined to resolve r3.o.lencr.org while requesting certificate status, responder : 

r3.o.lencr.org, certificate : "/etc/letsencrypt/live/example.com/fullchain.pem" 

答案1：

你要求ssl_stapling，它要求与TLS证书中列出的OCSP响应程序联系，需要resolver从它名称获取IP地址。