Този сайт ще има ограничена функционалност, докато се извършва тече неговата поддръжка. Ако дадена статия не може реши проблема ви и искате да зададете въпрос, нашата общност е готова да ви помогне на @firefox в Twitter и /r/firefox в Reddit.

Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

Same certificate not verified on one site but is on another

  • 2 отговора
  • 2 имат този проблем
  • 1 изглед
  • Последен отговор от MrTree

more options

I have a wildcard SSL certificate used to secure a live and test site. With identical code the test site shows fine in Firefox (Windows Version 38.0.5) but the live site will not show and replaces the page with: "Secure Connection Failed

An error occurred during a connection to app.cognisess.com. Invalid OCSP signing certificate in OCSP response. (Error code: sec_error_ocsp_invalid_signing_cert)

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the web site owners to inform them of this problem."

The security details show the certificate as "Verified by: Not specified" in the live site, while test site shows verified by GlobalSign nv-sa

Presumably if it's the same certificate, we shouldn't get an error in one place but not an other. Working fine with no errors on latest Chrome/IE, etc. I've verified there is no mixed-content on the page both manually and via whynopadlock.com.

Live site is https://app.cognisess.com and test site just replace app with testing.

Any ideas? I'd appreciate any help fixing this issue at our end if it's not a bug in the browser.

I have a wildcard SSL certificate used to secure a live and test site. With identical code the test site shows fine in Firefox (Windows Version 38.0.5) but the live site will not show and replaces the page with: "Secure Connection Failed An error occurred during a connection to app.cognisess.com. Invalid OCSP signing certificate in OCSP response. (Error code: sec_error_ocsp_invalid_signing_cert) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the web site owners to inform them of this problem." The security details show the certificate as "Verified by: Not specified" in the live site, while test site shows verified by GlobalSign nv-sa Presumably if it's the same certificate, we shouldn't get an error in one place but not an other. Working fine with no errors on latest Chrome/IE, etc. I've verified there is no mixed-content on the page both manually and via whynopadlock.com. Live site is https://app.cognisess.com and test site just replace app with testing. Any ideas? I'd appreciate any help fixing this issue at our end if it's not a bug in the browser.

Избрано решение

That looks like a problem with OCSP stapling that isn't working properly. The server should support OCSP stapling.

It works if I disable OCSP stapling, but that is not recommended for normal usage.

Прочетете този отговор в контекста 👍 2

Всички отговори (2)

more options

Избрано решение

That looks like a problem with OCSP stapling that isn't working properly. The server should support OCSP stapling.

It works if I disable OCSP stapling, but that is not recommended for normal usage.

more options

Thanks for pushing me in the right direction. I hadn't thought to check the server cipher set, but by using the set recommended by the IISCrypto tool from Nartac, and rebooted, our live site is working again.