This thread was archived. Please ask a new question if you need help.
Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT
Hey There - We are getting this error on a website of ours all of a sudden. Only happens in Firefox? Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT
Seems like a similar error happened in may/june this year on other sites and it was an MS issue?? Anyone have any leads? https://blogs.msdn.microsoft.com/vsoservice/?p=14225
Thanks in advance for any help / updates
All Replies (1)
This appears to be a problem with certain Symantec certificates. The web server tells Firefox that it supports OCSP stapling, but the verification returned with the certificate is invalid. When I check sites that had this problem reported on https://www.ssllabs.com/ssltest/, in nearly every case in the last table in the report I found:
OCSP stapling: Invalid - Failed to validate response
I'm not a webserver admin, so I don't know whether this might be an out-of-date file or a glitch at Symantec or something else. I can say that if OCSP stapling is disabled in Firefox, and presumably if it is disabled on the webserver, the problem goes away.