Was your Mac slow to launch apps or even restart on Thursday? Apple’s OCSP Server was the likely cause, possibly due to Big Sur overload.
On Thursday, October 12th, 2020, right around 3:30pm EST, Apple’s OCSP server stopped responding. On the surface that doesn’t sound like much, but when you stop and realize this is the server responsible for authenticating the certificates at the core of most of your Mac’s apps, it starts to matter.
And matter it did! For about an hour yesterday, Mac apps wouldn’t launch (or would launch slowly), rebooting was super-slow (for the same reason), and even Zoom connections took minutes to connect.
Meanwhile, no one could download macOS Big Sur, either.
Thankfully, Apple resolved the OCSP/Certificate Server issue pretty quickly in the grand scheme of things, but it begs the question: why did Apple let this happen in the first place? Having that sort of Achilles Heel baked into such a critical and common part of the macOS experience seems like an oversight.
I have no doubt that Apple engineers spent many hours last night post-morteming this event and likely coming up with a plan for some redundancy in this department. Based on temporal coincidence, one could assume that this was triggered by the high demand for Big Sur. Whatever the reason, it’s clear that OCSP lookups should be isolated from any other issues Apple (or its providers) may have, and I’m sure that’s being (or been) remedied.
In the event this is not remedied, however, Adam Engst and the team over at TidBITS have a workaround. It involves simply(?) editing your Mac’s
/etc/hosts file and making requests to
ocsp.apple.com fail outright.
Yesterday’s problem was that Apple’s server was slow in answering. If it had simply denied requests, all would have been fine: your Mac would’ve ignored the attempt and swiftly moved onward. By employing the redirect that TidBITS describes, you cause the lookup to fail instantly and you’re good to go.
Here’s to hoping we never have to reference this article again!