Today (May 28, 2017) I too was blocked from accessing outlook.com (https://outlook.live.com/owa/?path=/mail/inbox), with the following message: An error occurred during a connection to outlook.live.com. Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT

Of course, I signed in successfully with Chrome and IE. Firefox is not doing itself any favors with this kind of nonsense.

If you get the SEC_ERROR_OCSP_INVALID_SIGNING_CERT error message then this is a problem with Microsoft servers that are sending a cached OCSP Staplingresponse that is signed with an expired certificate.

• https://portal.office.com/servicestatus

Microsoft needs to reboot/repair the servers that have cached this expired certificate that is used to sign the OCSP Stapling response. You should no longer experience this issue once the server that you access has been fixed. Hopefully they will fix this quickly on affected servers.

As a workaround you can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you.

• security.ssl.enable_ocsp_stapling = false

You can open the about:config page: via the location/address bar. You can accept the warning and click "I'll be careful" to continue.

• http://kb.mozillazine.org/about:config

It is best to reset this pref via the right-click context menu to true once you are done with accessing an affected website since this is a security feature.

See also:

• https://en.wikipedia.org/wiki/OCSP_Stapling
• https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/