How can you set Firefox to, or tell if FF is always checking for certificate revocation?
I am anticipating a number of certificate revocations related to the heartbleed voulnerability, and would like to be able to check whether Firefox is checking for revocation, and tell it to if not.
Giải pháp được chọn
By default, Firefox will check but, if the OCSP server is not available, will accept the certificate for the time being.
Edit menu > Preferences > Advanced > Certificates mini-tab > "Validation" button
Đọc câu trả lời này trong ngữ cảnh 👍 6Tất cả các câu trả lời (2)
Giải pháp được chọn
By default, Firefox will check but, if the OCSP server is not available, will accept the certificate for the time being.
Edit menu > Preferences > Advanced > Certificates mini-tab > "Validation" button
For this heartbleed issue you can also temporarily disable OCSP Stapling by setting the security.ssl.enable_ocsp_stapling pref to false on the about:config page.
Make sure to check in a few days if you still need this workaround and if necessary reset the pref to true.