I noticed that some of the Staples sent by my server are out of date, noticed by a monitoring with gnutls (running "gnutls-cli --ocsp [server]:443" as a check). I'm using MDStapling on that server. In the server error log I find this which may be is the underlying issue: md_curl.c:551: md_curl_multi_perform: Assertion `running == requests->nelts' failed.
Is it reported in the log/crash what the numbers were? It would be interesting to know if "running == 0", for example. Failing any way to reproduce this so far, I think the hard assert() should be replaced by an "ap_assert()" that is only available in our maintainer builds. And the log level in line 543 should be increased to see mismatches on a production server.
There's no further info, sorry. Only another message that some process aborted. Full log entry apache2: md_curl.c:551: md_curl_multi_perform: Assertion `running == requests->nelts' failed. [Fri Sep 10 13:31:04.798340 2021] [core:notice] [pid 31009:tid 140098992729216] [client anon] AH00052: child pid 28357 exit signal Abort (6) Interestingly on a different server with a very similar setup I don't see this...
After turning on more verbose logging I got this which could be related: [Fri Sep 10 18:51:53.704984 2021] [md:debug] [pid 23413:tid 127535707190848] mod_md.c(177): [client anon] AH10267: other: rate limiting notification about 'ocsp-renewed' Some form of ratelimiting that would only show up on servers with many certs?
I added some extra-logging so I could see the values of the two variables when it fails:: running=3, requests->nelts=5 Hope this helps.
Fixed in github mod_md v2.4.6, added in trunk r1893359 and branches/2.4.x for next release.