Avatar for Username

Mozilla Destek’te Ara

Destek dolandırıcılığından kaçının. Mozilla sizden asla bir telefon numarasını aramanızı, mesaj göndermenizi veya kişisel bilgilerinizi paylaşmanızı istemez. Şüpheli durumları “Kötüye kullanım bildir” seçeneğini kullanarak bildirebilirsiniz.

Daha Fazlasını Öğren

Bu başlık arşivlendi. Yardıma ihtiyacınız varsa lütfen yeni bir soru sorun.

How do I bypass OCSP Errors?

  • 1 yanıt
  • 12 kişi bu sorunu yaşıyor
  • 1 gösterim
  • Son yanıtı yazan: guigs

palswim
palswim
more options

I've visited some sites recently that cause Firefox to show me errors like:

" Secure Connection Failed

An error occurred during a connection to example.com. The OCSP server has no status for the certificate. (Error code: sec_error_ocsp_unknown_cert) "

I would expect a button on the page that says something like "Add Exception...", but the page only gives me the "Try Again" button.

I can work around this by disabling OCSP completely in the "Options > Advanced > Certificates > Validation" section (by un-checking the "Use the [OCSP]..." box). Other solutions I've seen to similar problems (e.g. un-checking the "When an OCSP connection ... fails..." in the aforementioned "Validation" section or setting "security.ssl.enable_ocsp_stapling" to false in "about:config") do not let me load the page and do not provide an "Add Exception..." option.

I would like not to disable OCSP, so does another solution or workaround exist for this?

Also, we don't need a discussion about every site needing perfect certificate compliance with these answers, only solutions to the actual problem.

I've visited some sites recently that cause Firefox to show me errors like: " Secure Connection Failed An error occurred during a connection to example.com. The OCSP server has no status for the certificate. (Error code: sec_error_ocsp_unknown_cert) " I would expect a button on the page that says something like "Add Exception...", but the page only gives me the "Try Again" button. I can work around this by disabling OCSP completely in the "Options > Advanced > Certificates > Validation" section (by un-checking the "Use the [OCSP]..." box). Other solutions I've seen to similar problems (e.g. un-checking the "When an OCSP connection ... fails..." in the aforementioned "Validation" section or setting "security.ssl.enable_ocsp_stapling" to false in "about:config") do not let me load the page and do not provide an "Add Exception..." option. I would like not to disable OCSP, so does another solution or workaround exist for this? Also, we don't need a discussion about every site needing perfect certificate compliance with these answers, only solutions to the actual problem.

Tüm Yanıtlar (1)

guigs
guigs
more options

Hi palswim, Thank you for your question. I have seen this issue before and this is still a new feature for me, however the OCSP is pretty black and white. The only functions in about:config when you search for OCSP are there. Enable, require, and enable stapling. disabling require would turn of the function/ It may be best to try the #security irc channel on this one.

Plans for revocation