Get message "Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT"
Get this trying to access hotmail via Firefox. Doesn't occur from Opera.
Обране рішення
We will try to keep latest news in a contributors thread
- SEC_ERROR_OCSP_INVALID_SIGNING_CERT when I try to access my hotmail account. /forums/contributors/712461
There is a workaround to get Firefox working, otherwise it is a case of wait for MS to fix their problem.
John99 said
It is a problem with Microsoft Servers. I will copy an answer I posted in another threadЧитати цю відповідь у контексті 👍 0John99 said
- Yesterday and every other day you considered the security fine,but today you decide it is not.I like to c heck my emails if you don't mind. /questions/1161968
Security is not fine today. That is Firefox doing its job and telling you something is wrong with the Microsoft site. Hopefully it is a temporary relatively harmless misconfiguration, and not a sign that the MS servers and sites with copies of your emails on have been compromised.
Further information
To clarify use the threebar button top right. Next click on options (cog icon). Then use Advanced Look for the tab or panel Certificates Remove the tick by clicking the tick in the box in front of OCSP
It is probably best to make sure that is back on again if you need to do anything important like banking, and of course once MS fixes the issue turn it back on permanently.
Alternative method
cor-el said: {/questions/1161934#answer-972795}
There seems to be something wrong on some Microsoft servers. Hopefully they fix this quickly on affected servers. This looks like a problem with OCSP stapling on the server because it works when I disable OCSP Stapling in Firefox.You can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you. It is best to reset this pref via the right-click context menu to true once you are done with the this website.
- https://en.wikipedia.org/wiki/OCSP_Stapling
- https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
- security.ssl.enable_ocsp_stapling = false
Please see also this article explaining how to use about:config
Усі відповіді (2)
Hi, Microsoft knows about this and is working on it.
Вибране рішення
We will try to keep latest news in a contributors thread
- SEC_ERROR_OCSP_INVALID_SIGNING_CERT when I try to access my hotmail account. /forums/contributors/712461
There is a workaround to get Firefox working, otherwise it is a case of wait for MS to fix their problem.
John99 said
It is a problem with Microsoft Servers. I will copy an answer I posted in another threadJohn99 said
- Yesterday and every other day you considered the security fine,but today you decide it is not.I like to c heck my emails if you don't mind. /questions/1161968
Security is not fine today. That is Firefox doing its job and telling you something is wrong with the Microsoft site. Hopefully it is a temporary relatively harmless misconfiguration, and not a sign that the MS servers and sites with copies of your emails on have been compromised.
Further information
To clarify use the threebar button top right. Next click on options (cog icon). Then use Advanced Look for the tab or panel Certificates Remove the tick by clicking the tick in the box in front of OCSP
It is probably best to make sure that is back on again if you need to do anything important like banking, and of course once MS fixes the issue turn it back on permanently.
Alternative method
cor-el said: {/questions/1161934#answer-972795}
There seems to be something wrong on some Microsoft servers. Hopefully they fix this quickly on affected servers. This looks like a problem with OCSP stapling on the server because it works when I disable OCSP Stapling in Firefox.You can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you. It is best to reset this pref via the right-click context menu to true once you are done with the this website.
- https://en.wikipedia.org/wiki/OCSP_Stapling
- https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
- security.ssl.enable_ocsp_stapling = false
Please see also this article explaining how to use about:config