OCSP error when accessing secure sites: Difference between revisions
Alice Wyman (talk | contribs) (added Wikipedia link describing OCSP. Linked "Tools -> Options" to Menu differences. "External links" added for SUMO version of this article) |
Alice Wyman (talk | contribs) (Firefox 3 and above enables OCSP by default, option to suppress certificate error when OCSP fails is disabled by default - bug 110161 See Talk:SSL_is_disabled#OCSP) |
||
Line 1: | Line 1: | ||
OCSP ([http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol Online Certificate Status Protocol]) is a security feature that ensures that certificates issued to sites you visit have not been revoked. OCSP | OCSP ([http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol Online Certificate Status Protocol]) is a security feature that ensures that certificates issued to sites you visit have not been revoked. This article deals with OCSP error messages when visiting secure (https) sites. | ||
If OCSP is enabled, you may receive errors visiting secure sites when the OCSP service chosen is malfunctioning or not available. The text of the messages can vary depending on what exactly is going wrong. | OCSP is disabled by default in Firefox 2, but can be enabled in Advanced options ("[[Menu differences|Tools -> Options]] -> Advanced ->Encryption / Certificates -> Verification). If OCSP is enabled, you may receive errors visiting secure sites when the OCSP service chosen is malfunctioning or not available. The text of the messages can vary depending on what exactly is going wrong. | ||
In Firefox 3, | In Firefox 3 and above, OCSP is enabled by default; however, errors when an OCSP server connection fails are also suppressed by default ("Tools -> Options -> Advanced -> Encryption -> Validation -> When an OCSP server connection fails, treat the certificate as invalid" is unchecked, by default). [https://bugzilla.mozilla.org/show_bug.cgi?id=110161] | ||
There is no way to suppress these errors in Firefox 2 and below, short of disabling OCSP. To disable OCSP in Firefox 2: | |||
# Go to "[[Menu differences|Tools -> Options]] -> Advanced -> Encryption / Certificates -> Verification". | # Go to "[[Menu differences|Tools -> Options]] -> Advanced -> Encryption / Certificates -> Verification". | ||
# Select '''Do not use OCSP for certification validation'''. | # Select '''Do not use OCSP for certification validation'''. | ||
Line 11: | Line 13: | ||
==External links== | ==External links== | ||
*[http://support.mozilla.com/en-US/kb/OCSP+error+when+accessing+secure+sites OCSP error when accessing secure sites (Firefox Support)] | *[http://support.mozilla.com/en-US/kb/OCSP+error+when+accessing+secure+sites OCSP error when accessing secure sites (Firefox Support)] | ||
*[https://bugzilla.mozilla.org/show_bug.cgi?id=110161 Bug 110161 - (ocspdefault) enable OCSP by default] | |||
[[Category:Issues (Firefox)]] | [[Category:Issues (Firefox)]] |
Revision as of 12:10, 7 September 2009
OCSP (Online Certificate Status Protocol) is a security feature that ensures that certificates issued to sites you visit have not been revoked. This article deals with OCSP error messages when visiting secure (https) sites.
OCSP is disabled by default in Firefox 2, but can be enabled in Advanced options ("Tools -> Options -> Advanced ->Encryption / Certificates -> Verification). If OCSP is enabled, you may receive errors visiting secure sites when the OCSP service chosen is malfunctioning or not available. The text of the messages can vary depending on what exactly is going wrong.
In Firefox 3 and above, OCSP is enabled by default; however, errors when an OCSP server connection fails are also suppressed by default ("Tools -> Options -> Advanced -> Encryption -> Validation -> When an OCSP server connection fails, treat the certificate as invalid" is unchecked, by default). [1]
There is no way to suppress these errors in Firefox 2 and below, short of disabling OCSP. To disable OCSP in Firefox 2:
- Go to "Tools -> Options -> Advanced -> Encryption / Certificates -> Verification".
- Select Do not use OCSP for certification validation.
For information on other messages received when accessing secure sites, see Error loading secure sites.