Symptom
OCSP revocation checking can fail if the trustpoint is configured with a non-default port (80 is default) that begins with '80' (for example 8099).
crypto ca trustpoint ocsp
revocation-check ocsp enrollment terminal
ocsp url http://:8099
Conditions
OCSP revocation checking on ASA with a non-default port that begins with '80'.
Workaround
Use a port that doesn't begin with '80'.
Further Problem Description
The parser is only looking at the first two digits of the port. Therefore, if it begins with '80' it thinks it is using the default and that is what gets written into the header.
