X
Appuyez ici pour vous rendre sur la version mobile du site.

Forum d’assistance

(Invalid OCSP signing certificate in OCSP response(Error code: sec_error_ocsp_invalid_signing_cert)

Publié

After this update (31.0), I get this error when I try to go to Fanfiction.net. Is there anything being done, or is there anything I can do? I will not do anything that's open my computer to viruses.

After this update (31.0), I get this error when I try to go to Fanfiction.net. Is there anything being done, or is there anything I can do? I will not do anything that's open my computer to viruses.

Solution choisie

hello granberrydl, ocsp is an advanced security feature in firefox - this error needs to be fixed by the web site in question, so please also contact their support channels and report the issue.

you can temporarily work around the issue and turn off ocsp stapling: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.ssl.enable_ocsp_stapling. double-click it and change its value to false.
since this will slightly lower your security, it is important however, that after a bit of time when the issue gets resolved by the site (maybe try again in 24 hours), you go back and switch the setting to "true" again!

Lire cette réponse dans son contexte 62

Détails additionnels sur le système

Plugins installés

  • Next Generation Java Plug-in 10.65.2 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Shockwave Flash 14.0 r0
  • Adobe Shockwave for Director Netscape plug-in, version 12.1
  • The plugin allows you to have a better experience with Microsoft SharePoint
  • NPWLPG

Application

  • Agent utilisateur : Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0

Plus d’informations

philipp
  • Top 25 Contributor
  • Moderator
5348 solutions 23619 réponses

Solution choisie

hello granberrydl, ocsp is an advanced security feature in firefox - this error needs to be fixed by the web site in question, so please also contact their support channels and report the issue.

you can temporarily work around the issue and turn off ocsp stapling: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.ssl.enable_ocsp_stapling. double-click it and change its value to false.
since this will slightly lower your security, it is important however, that after a bit of time when the issue gets resolved by the site (maybe try again in 24 hours), you go back and switch the setting to "true" again!

hello granberrydl, ocsp is an advanced security feature in firefox - this error needs to be fixed by the web site in question, so please also contact their support channels and report the issue. you can temporarily work around the issue and turn off ocsp stapling: enter '''about:config''' into the firefox address bar (confirm the info message in case it shows up) & search for the preference named '''security.ssl.enable_ocsp_stapling'''. double-click it and change its value to '''false'''. <br>since this will slightly lower your security, it is important however, that after a bit of time when the issue gets resolved by the site (maybe try again in 24 hours), you go back and switch the setting to "true" again!
kuopiofi 2 solutions 85 réponses

Réponse utile

Yup, started again. Hope someone fixes this fast.

Yup, started again. Hope someone fixes this fast.
thierscso 0 solutions 1 réponses

This just started happening for me as well. I have verified that our certs are all still valid and unrevoked, and testing using GlobalSign's verification utility which said our site was configured correctly and passes testing for OCSP. We are serving a survey consumed by universities but filled out by their alumni, so we have no contact with the users of our site, meaning that the workaround is not viable and it is effectively broken for everyone using FF.

Edit: I checked our site right before I started typing this reply and it was not working after multiple CTRL+F5 refreshes. I checked it after, and it was back to working. I am the sole maintainer of the domain and the certificates on it, and I can verify that nothing was done to our site to either cause it to stop working or start working again.

This just started happening for me as well. I have verified that our certs are all still valid and unrevoked, and testing using GlobalSign's verification utility which said our site was configured correctly and passes testing for OCSP. We are serving a survey consumed by universities but filled out by their alumni, so we have no contact with the users of our site, meaning that the workaround is not viable and it is effectively broken for everyone using FF. Edit: I checked our site right before I started typing this reply and it was not working after multiple CTRL+F5 refreshes. I checked it after, and it was back to working. I am the sole maintainer of the domain and the certificates on it, and I can verify that nothing was done to our site to either cause it to stop working or start working again.

Modifié le par thierscso