Cannot use Microsoft 365 Online
I have to use Microsoft Office 365 for my work. Suddenly (just over this weekend) I am getting an error message whenever I try; to use any of the online programs besides Outlook, such as OneDrive or Word Online:
An error occurred during a connection to login.windows.net. Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
This has never been a problem before the Memorial Day weekend. I have two Microsoft-365 accounts, and they are both giving me this error message. How do I fix it?
I should mention that I tried it on Microsoft Edge, and it worked fine. I prefer Firefox over Edge, but if I cannot access my work documents, then I will have no choice but to switch over to Edge.
Ilungisiwe
Isisombulu esikhethiweyo
If you get the SEC_ERROR_OCSP_INVALID_SIGNING_CERT error message then this is a problem with Microsoft servers that are sending a cached OCSP Staplingresponse that is signed with an expired certificate.
Microsoft needs to reboot/repair the servers that have cached this expired certificate that is used to sign the OCSP Stapling response. You should no longer experience this issue once the server that you access has been fixed. Hopefully they will fix this quickly on affected servers.
As a workaround you can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you.
- security.ssl.enable_ocsp_stapling = false
You can open the about:config page: via the location/address bar. You can accept the warning and click "I'll be careful" to continue.
It is best to reset this pref via the right-click context menu to true once you are done with accessing an affected website since this is a security feature.
See also:
- https://en.wikipedia.org/wiki/OCSP_Stapling
- https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
All Replies (3)
Isisombululo esiKhethiweyo
If you get the SEC_ERROR_OCSP_INVALID_SIGNING_CERT error message then this is a problem with Microsoft servers that are sending a cached OCSP Staplingresponse that is signed with an expired certificate.
Microsoft needs to reboot/repair the servers that have cached this expired certificate that is used to sign the OCSP Stapling response. You should no longer experience this issue once the server that you access has been fixed. Hopefully they will fix this quickly on affected servers.
As a workaround you can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you.
- security.ssl.enable_ocsp_stapling = false
You can open the about:config page: via the location/address bar. You can accept the warning and click "I'll be careful" to continue.
It is best to reset this pref via the right-click context menu to true once you are done with accessing an affected website since this is a security feature.
See also:
Thank you, this was very helpful! Your work-around worked for now, and I put in a ticket with my IT people to investigate how to handle the problem with Microsoft.
Microsoft needs to fix this on their servers. You can follow the progress via this website.