Forum Discussion
Firefox cannot open this site (OCSP)
Today suddenly Firefox is not able to open this site anymore. Shows
Error code: MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING
Works in Edge (probably also Chrome). Same error using fresh profile in Firefox. Cannot reach OCSP service to check the cert revocation info or something like that. Same happens in VM, so not PC problem.
- This has now been worked around, we will obviously now wait for the bug fix from Mozilla before we undo the workaround. Thanks for highlight.
4 Replies
- Allen
Community Manager
This has now been worked around, we will obviously now wait for the bug fix from Mozilla before we undo the workaround. Thanks for highlight.- Tested. Works now without disabling stapling. Thanks.
I saw that bug ticket for Firefox was resolved, so maybe in next release it will get fixed.
- Allen
Thanks for the report, this is a new feature in Mozilla Firefox called OCSP Stapling and is designed to be a new way to verify the authenticity of a website certificate, you can read more about it here.I had seen this before and there is an article over on askvg (external site) about it, I will have a chat with out security folks as it doesn't look like its only us thats affected and see if there is something we can do other than advise users to turn it off..
I don't like telling users to turn off things to improve security 😛
Allen
- Thanks. This seems to be related to SHA-256 use in OCSP and Firefox not supporting it yet https://bugzilla.mozilla.org/show_bug.cgi?id=966856
