Error code: sec_error_ocsp_unauthorized_request
I am NOT going to be nice. Here's descriptive - I turned OFF the "Query OCSP responder servers to confirm the current validity of certificates" option. Has no effect. Still I get this error:
An error occurred during a connection to **removed**.com. The OCSP server has refused this request as unauthorized. (Error code: sec_error_ocsp_unauthorized_request)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
You ... ... won't even let the website load. Try again. Try again. Try again. Try again. Try again. Try again. The site certificate is fine as evidenced by SIX different SSL certificate checker websites. I can't add an exception because FF can't get the certificate.
I've tried clearing everything - cache, history, cookies, yada yada
I am SO Annoyed you people have cost me more time.
It's just fine in IE and Chrome.
If I didn't need firebug, I'd switch to Chrome right now.
edited due to language as per forum-rules-and-guidelines
Modified
Chosen solution
You're right, it doesn't make sense.
Never created an exception for the site.
What FINALLY worked was renaming the cert8.db file in the profile folder so FF could generate a new one. Then FF grabbed the cert just fine.
Thank you for the help, sorry for the earlier rant.
Read this answer in context 👍 0All Replies (10)
What is your problem? This isn't your first question here, so you know the forum is staffed by users volunteering their time. Is this how you generally go around asking for help from people who could just as well be going to have dinner now? Give me a freaking break.
I'm assuming you only have this problem with one website. Is that correct?
In case a bad OCSP certificate is stapled to the site certificate, try disabling stapling here:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(2) In the search box above the list, type or paste ocsp and pause while the list is filtered
(3) Double-click the security.ssl.enable_ocsp_stapling preference to toggle it from true to false
Any difference?
My rant is not directed at the volunteers here, but at the developers who seem to be inaccessible.
I don't need help, there doesn't seem to be any help for this problem, at least that mere mortals can solve.
For FF to completely block access to a site because it thinks there is a certificate problem is inexcusable.
Sorry for bothering you, go eat your dinner.
jscher2000 said
I'm assuming you only have this problem with one website. Is that correct? In case a bad OCSP certificate is stapled to the site certificate, try disabling stapling here: (1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful. (2) In the search box above the list, type or paste ocsp and pause while the list is filtered (3) Double-click the security.ssl.enable_ocsp_stapling preference to toggle it from true to false Any difference?
Thank you for trying, but it has no effect.
I meant 'go eat your dinner' in a nice way. I know this isn't your fault and I appreciate you trying to help. My time is money and this has cost two hours already.
All of the OCSP settings, except for sync-related, are either false or 0. I have cleared the cache and cookies, and restarted the browser. No effect, still same error. Trying to add an exception, but error displays "Unable to get status information for this website" when the Get Certificate button is pushed; can't add exception without cert.
What server is this about? Did this website work in previous Firefox versions?
Boot the computer in Windows Safe Mode with network support (press F8 on the boot screen) to see if that helps.
Thank you for the suggestion, but safe mode was no help, same behavior.
My biggest complaint is that there is no facility to ignore bad certificates (even though it isn't bad, as I have said).
This error message doesn't make any sense if there isn't an OCSP check being done. If you ever added an exception for this site, try deleting it.
"3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button > Servers tab
That's also the tab where you could try importing the certificate after you export it from another browser.
Chosen Solution
You're right, it doesn't make sense.
Never created an exception for the site.
What FINALLY worked was renaming the cert8.db file in the profile folder so FF could generate a new one. Then FF grabbed the cert just fine.
Thank you for the help, sorry for the earlier rant.