Created attachment 227368 [details]
For example, Epiphany cannot connect to https://join.gov.tw/. It shows the certificate error page. gnutls-cli also fails and shows these error messages:
|<1>| Got OCSP response with an unrelated certificate.
- Status: The certificate is NOT trusted. The received OCSP status response is invalid.
*** PKI verification of server certificate failed...
*** Fatal error: Error in the certificate.
It turns out it is a GnuTLS bug which has been fixed in the upstream. If I apply the upstream patch, both Epiphany and gnutls-cli can connect to the site.