Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

SEC_ERROR_OCSP_INVALID_SIGNING_CERT

  • 23 replies
  • 225 have this problem
  • 1936 views
  • Last reply by cor-el

kgeoffrey
kgeoffrey
more options

Today we have started getting the following error when trying to access bing.com

Secure Connection Failed

An error occurred during a connection to www.bing.com. Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT 

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

What is strange is that this is happening (1) only in Firefox, and (2) only on some of our computers. We have a mixture of wired and wireless computers on our home network. I have checked computer times. Firefoxes are all running 53.0.3 on Windows 7. Setting security.ssl.enable_ocsp_stapling to false resolves the issue, but only while the setting is false.

Thanks for your help!

Today we have started getting the following error when trying to access bing.com Secure Connection Failed An error occurred during a connection to www.bing.com. Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. What is strange is that this is happening (1) only in Firefox, and (2) only on some of our computers. We have a mixture of wired and wireless computers on our home network. I have checked computer times. Firefoxes are all running 53.0.3 on Windows 7. Setting security.ssl.enable_ocsp_stapling to false resolves the issue, but only while the setting is false. Thanks for your help!

Chosen solution

There seems to be something wrong on some Microsoft servers. Hopefully they fix this quickly on affected servers.

This looks like a problem with OCSP stapling on the server because it works when I disable OCSP Stapling in Firefox.

You can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you. It is best to reset this pref via the right-click context menu to true once you are done with the this website.

  • security.ssl.enable_ocsp_stapling = false
Read this answer in context 👍 23

All Replies (3)

ffw62
ffw62
more options

Hello, up front: am happy the matter is solved! No doubt about it...

That said, how come then that Chrome did not have these issues?

If Chrome keeps on working, whilst Firefox worked fine, but all of sudden not anymore, as an end-user would you then expect it to be a Microsoft issue?

Anyway, am happy the matter is solved.

Thanks! =

Happy112
Happy112
more options

ffw62 said

That said, how come then that Chrome did not have these issues?

The problem was with Microsoft, whose servers   (in layman's terms)   send an expired assurance that their SSL certificate is still valid. Unfortunately it turns out that Firefox is the only browser checking for this on each secure https site it is loading.

(whereas other browsers glance over that and only check for  : https://en.wikipedia.org/wiki/Extended_Validation_Certificate).

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Note that you can set security.OCSP.enabled to 2 to enable OCSP for EV certificates only (1 means for DV and EV). I wasn't able to test whether this would have worked since Outlook was already working for me when I found this as a possible cure.

  1. 1
  2. 2