This thread was archived. Please ask a new question if you need help.
OCSP validation failing.
Hi, Background: a few months ago I had to redeploy the CA for a network I manage. I was able to do so and publish the new intermediate CA's cert via Active Directory. Since then, I've updated certs on webhosts with certs from the new CA. Whenever a user uses FF (version 91.12.0) to browse to a site with the newly signed cert, I get an error stating "sec_error_ocsp_old". I've been able to temporarily advise users to disable OCSP Validation in FF security settings, but I'd REALLY like to fix this.
Other browsers (Edge, Chrome, Opera) all load the sites without issue.
Using this the below article, I double checked the time settings on the CA, Webserver, and clients: https://support.mozilla.org/en-US/kb/troubleshoot-time-errors-secure-websites
All the machines/VMs in question show the same time source, time, time zone, and sync interval.
I'm at a loss for what is happening. Any help would be greatly appreciated.
All Replies (1)
This feels like something that might get better traction if you open a bug in bugzilla (bugzilla.mozilla.org)