This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

সহায়তা খুঁজুন

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

আরও জানুন

I have one website that I can't connect with.It save error but it is a site I have visited many times but now can't. I can connect on Explorer but not Firefox.

more options

I get SEC_ERROR_OCSP_INVALID_ SIGNING_CERT. I have visited this site many times and this is the first time not getting on it. I can get enter this site using Explorer but not Firefox.

I get SEC_ERROR_OCSP_INVALID_ SIGNING_CERT. I have visited this site many times and this is the first time not getting on it. I can get enter this site using Explorer but not Firefox.

All Replies (1)

more options

You didn't mention the site, so I'll go with the headline news for now:

Did this just start about 6 hours ago? Firefox users have been getting OCSP errors on various major sites that use the Akamai Content Distribution Network.

As a temporary workaround, you can disable OCSP "stapling." With that change, instead of Firefox expecting sites to provide an OCSP certificate -- a verification that its certificate has not been revoked -- Firefox will query the service provider that signed the certificate. This is good for security but not the best arrangement for privacy, because the service provider knows a computer at your IP address is checking out that site. So after you finish using the site, you can switch the setting back.

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste ocsp and pause while the list is filtered

(3) Double-click the security.ssl.enable_ocsp_stapling preference to switch the value from true to false

Success?