This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Error code: sec_error_ocsp_unauthorized_request

more options

I am NOT going to be nice. Here's descriptive - I turned OFF the "Query OCSP responder servers to confirm the current validity of certificates" option. Has no effect. Still I get this error:

An error occurred during a connection to **removed**.com. The OCSP server has refused this request as unauthorized. (Error code: sec_error_ocsp_unauthorized_request)

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

You ... ... won't even let the website load. Try again. Try again. Try again. Try again. Try again. Try again. The site certificate is fine as evidenced by SIX different SSL certificate checker websites. I can't add an exception because FF can't get the certificate.

I've tried clearing everything - cache, history, cookies, yada yada

I am SO Annoyed you people have cost me more time.

It's just fine in IE and Chrome.

If I didn't need firebug, I'd switch to Chrome right now.


edited due to language as per forum-rules-and-guidelines

I am NOT going to be nice. Here's descriptive - I turned OFF the "Query OCSP responder servers to confirm the current validity of certificates" option. Has no effect. Still I get this error: An error occurred during a connection to **removed**.com. The OCSP server has refused this request as unauthorized. (Error code: sec_error_ocsp_unauthorized_request) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. You ... ... won't even let the website load. Try again. Try again. Try again. Try again. Try again. Try again. The site certificate is fine as evidenced by SIX different SSL certificate checker websites. I can't add an exception because FF can't get the certificate. I've tried clearing everything - cache, history, cookies, yada yada I am SO Annoyed you people have cost me more time. It's just fine in IE and Chrome. If I didn't need firebug, I'd switch to Chrome right now. edited due to language as per [https://support.mozilla.org/en-US/kb/forum-rules-and-guidelines forum-rules-and-guidelines]

Modified by James

Chosen solution

You're right, it doesn't make sense.

Never created an exception for the site.

What FINALLY worked was renaming the cert8.db file in the profile folder so FF could generate a new one. Then FF grabbed the cert just fine.

Thank you for the help, sorry for the earlier rant.

Read this answer in context 👍 0

All Replies (10)

more options

What is your problem? This isn't your first question here, so you know the forum is staffed by users volunteering their time. Is this how you generally go around asking for help from people who could just as well be going to have dinner now? Give me a freaking break.

more options

I'm assuming you only have this problem with one website. Is that correct?

In case a bad OCSP certificate is stapled to the site certificate, try disabling stapling here:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste ocsp and pause while the list is filtered

(3) Double-click the security.ssl.enable_ocsp_stapling preference to toggle it from true to false

Any difference?

more options

My rant is not directed at the volunteers here, but at the developers who seem to be inaccessible.

I don't need help, there doesn't seem to be any help for this problem, at least that mere mortals can solve.

For FF to completely block access to a site because it thinks there is a certificate problem is inexcusable.

Sorry for bothering you, go eat your dinner.

more options

jscher2000 said

I'm assuming you only have this problem with one website. Is that correct? In case a bad OCSP certificate is stapled to the site certificate, try disabling stapling here: (1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful. (2) In the search box above the list, type or paste ocsp and pause while the list is filtered (3) Double-click the security.ssl.enable_ocsp_stapling preference to toggle it from true to false Any difference?

Thank you for trying, but it has no effect.

more options

I meant 'go eat your dinner' in a nice way. I know this isn't your fault and I appreciate you trying to help. My time is money and this has cost two hours already.

more options

All of the OCSP settings, except for sync-related, are either false or 0. I have cleared the cache and cookies, and restarted the browser. No effect, still same error. Trying to add an exception, but error displays "Unable to get status information for this website" when the Get Certificate button is pushed; can't add exception without cert.

more options

What server is this about? Did this website work in previous Firefox versions?

Boot the computer in Windows Safe Mode with network support (press F8 on the boot screen) to see if that helps.

more options

Thank you for the suggestion, but safe mode was no help, same behavior.

My biggest complaint is that there is no facility to ignore bad certificates (even though it isn't bad, as I have said).

more options

This error message doesn't make any sense if there isn't an OCSP check being done. If you ever added an exception for this site, try deleting it.

"3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button > Servers tab

That's also the tab where you could try importing the certificate after you export it from another browser.

more options

Chosen Solution

You're right, it doesn't make sense.

Never created an exception for the site.

What FINALLY worked was renaming the cert8.db file in the profile folder so FF could generate a new one. Then FF grabbed the cert just fine.

Thank you for the help, sorry for the earlier rant.