Recently, I got a certificate from Let's Encrypt with the Must Staple extension on it, requiring a OCSP response to be sent with the certificate. I am using the kubernetes ingress-nginx(on Google Cloud) controller for TLS. The certificate is working great on Chrome(since it doesn't use OCSP), but it's failing on all other browsers because a OCSP response is not being stapled to it. The certificate I am using for the public key is the full certificate chain from Let's Encrypt. I'm not sure why nginx isn't attaching an OCSP response even though kubernetes supports OCSP.
Have a look here: https://github.com/kubernetes/ingress-nginx/blob/master/cmd/nginx/flags.go#L133-L137
It seems you either haven't got the full chain like you expected, or you're missing the "Authority Information Access" X.509 v3extension"