This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

(Invalid OCSP signing certificate in OCSP response(Error code: sec_error_ocsp_invalid_signing_cert)

  • 3 replies
  • 288 have this problem
  • 1 view
  • Last reply by thierscso

more options

After this update (31.0), I get this error when I try to go to Fanfiction.net. Is there anything being done, or is there anything I can do? I will not do anything that's open my computer to viruses.

After this update (31.0), I get this error when I try to go to Fanfiction.net. Is there anything being done, or is there anything I can do? I will not do anything that's open my computer to viruses.

Chosen solution

hello granberrydl, ocsp is an advanced security feature in firefox - this error needs to be fixed by the web site in question, so please also contact their support channels and report the issue.

you can temporarily work around the issue and turn off ocsp stapling: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.ssl.enable_ocsp_stapling. double-click it and change its value to false.
since this will slightly lower your security, it is important however, that after a bit of time when the issue gets resolved by the site (maybe try again in 24 hours), you go back and switch the setting to "true" again!

Read this answer in context 👍 62

All Replies (3)

more options

Chosen Solution

hello granberrydl, ocsp is an advanced security feature in firefox - this error needs to be fixed by the web site in question, so please also contact their support channels and report the issue.

you can temporarily work around the issue and turn off ocsp stapling: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.ssl.enable_ocsp_stapling. double-click it and change its value to false.
since this will slightly lower your security, it is important however, that after a bit of time when the issue gets resolved by the site (maybe try again in 24 hours), you go back and switch the setting to "true" again!

more options

Yup, started again. Hope someone fixes this fast.

more options

This just started happening for me as well. I have verified that our certs are all still valid and unrevoked, and testing using GlobalSign's verification utility which said our site was configured correctly and passes testing for OCSP. We are serving a survey consumed by universities but filled out by their alumni, so we have no contact with the users of our site, meaning that the workaround is not viable and it is effectively broken for everyone using FF.

Edit: I checked our site right before I started typing this reply and it was not working after multiple CTRL+F5 refreshes. I checked it after, and it was back to working. I am the sole maintainer of the domain and the certificates on it, and I can verify that nothing was done to our site to either cause it to stop working or start working again.

Modified by thierscso