This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cannot use Microsoft 365 Online

  • 3 replies
  • 9 have this problem
  • 1 view
  • Last reply by cor-el

more options

I have to use Microsoft Office 365 for my work. Suddenly (just over this weekend) I am getting an error message whenever I try; to use any of the online programs besides Outlook, such as OneDrive or Word Online:

An error occurred during a connection to login.windows.net. Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

This has never been a problem before the Memorial Day weekend. I have two Microsoft-365 accounts, and they are both giving me this error message. How do I fix it?

I should mention that I tried it on Microsoft Edge, and it worked fine. I prefer Firefox over Edge, but if I cannot access my work documents, then I will have no choice but to switch over to Edge.

I have to use Microsoft Office 365 for my work. Suddenly (just over this weekend) I am getting an error message whenever I try; to use any of the online programs besides Outlook, such as OneDrive or Word Online: An error occurred during a connection to login.windows.net. Invalid OCSP signing certificate in OCSP response. Error code: SEC_ERROR_OCSP_INVALID_SIGNING_CERT The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. This has never been a problem before the Memorial Day weekend. I have two Microsoft-365 accounts, and they are both giving me this error message. How do I fix it? I should mention that I tried it on Microsoft Edge, and it worked fine. I prefer Firefox over Edge, but if I cannot access my work documents, then I will have no choice but to switch over to Edge.

Modified by aeb79

Chosen solution

If you get the SEC_ERROR_OCSP_INVALID_SIGNING_CERT error message then this is a problem with Microsoft servers that are sending a cached OCSP Staplingresponse that is signed with an expired certificate.

Microsoft needs to reboot/repair the servers that have cached this expired certificate that is used to sign the OCSP Stapling response. You should no longer experience this issue once the server that you access has been fixed. Hopefully they will fix this quickly on affected servers.


As a workaround you can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you.

  • security.ssl.enable_ocsp_stapling = false

You can open the about:config page: via the location/address bar. You can accept the warning and click "I'll be careful" to continue.

It is best to reset this pref via the right-click context menu to true once you are done with accessing an affected website since this is a security feature.

See also:

Read this answer in context 👍 2

All Replies (3)

more options

Chosen Solution

If you get the SEC_ERROR_OCSP_INVALID_SIGNING_CERT error message then this is a problem with Microsoft servers that are sending a cached OCSP Staplingresponse that is signed with an expired certificate.

Microsoft needs to reboot/repair the servers that have cached this expired certificate that is used to sign the OCSP Stapling response. You should no longer experience this issue once the server that you access has been fixed. Hopefully they will fix this quickly on affected servers.


As a workaround you can temporarily toggle this pref to false on the about:config page to see if disabling OCSP Stapling works for you.

  • security.ssl.enable_ocsp_stapling = false

You can open the about:config page: via the location/address bar. You can accept the warning and click "I'll be careful" to continue.

It is best to reset this pref via the right-click context menu to true once you are done with accessing an affected website since this is a security feature.

See also:

more options

Thank you, this was very helpful! Your work-around worked for now, and I put in a ticket with my IT people to investigate how to handle the problem with Microsoft.

more options

Microsoft needs to fix this on their servers. You can follow the progress via this website.