Avatar for Username

Поиск в Поддержке

Избегайте мошенников, выдающих себя за службу поддержки. Мы никогда не попросим вас позвонить, отправить текстовое сообщение или поделиться личной информацией. Сообщайте о подозрительной активности, используя функцию «Пожаловаться».

Подробнее

Error code: SEC_ERROR_REVOKED_CERTIFICATE - OCSP query fails: how to report?

  • 1 ответ
  • 0 имеют эту проблему
  • Последний ответ от chris wilson

lucrs4096
lucrs4096
more options

Today I suddenly started receiving the error code: SEC_ERROR_REVOKED_CERTIFICATE on a secure authentication page that was working until a few hours earlier, belonging to a major national bank.

https://www.ssllabs.com/ssltest/ cannot reach that page, other SSL checking sites report variable results (some say one cert in the chain has expired after a CRL, others say all is OK)

The same page/site works flawlessly on Chrome. Firefox incompatibility with popular portals is a growing trend unfortunately.

After a little digging with developer tools, it comes out the OCSP query reports the REVOKED_CERTIFICATE error. Disabling the "Query OCSP [..]" option in Firefox that website starts working fine again.

Now, I would like to still keep using the OCSP queries ON, and I definitely want to keep using Firefox for everything.

My question is: when a portal or website is found to be broken with Firefox (with default settings), with a root cause found like in this case, how can it be reported?

Having a clear report path would be useful to try to make the browser more compatible (in this case : was this a bug? Some wrong information on OCSP responders? Some mess caused by the website mantainers?)

Today I suddenly started receiving the error code: SEC_ERROR_REVOKED_CERTIFICATE on a secure authentication page that was working until a few hours earlier, belonging to a major national bank. https://www.ssllabs.com/ssltest/ cannot reach that page, other SSL checking sites report variable results (some say one cert in the chain has expired after a CRL, others say all is OK) The same page/site works flawlessly on Chrome. Firefox incompatibility with popular portals is a growing trend unfortunately. After a little digging with developer tools, it comes out the OCSP query reports the REVOKED_CERTIFICATE error. Disabling the "Query OCSP [..]" option in Firefox that website starts working fine again. Now, I would like to still keep using the OCSP queries ON, and I definitely want to keep using Firefox for everything. My question is: when a portal or website is found to be broken with Firefox (with default settings), with a root cause found like in this case, how can it be reported? Having a clear report path would be useful to try to make the browser more compatible (in this case : was this a bug? Some wrong information on OCSP responders? Some mess caused by the website mantainers?)

Все ответы (1)

chris wilson
chris wilson
more options

This issue highlights a mix of technical and compatibility challenges. The error code SEC_ERROR_REVOKED_CERTIFICATE suggests Firefox detected a revoked certificate via the OCSP query, which safeguards users against compromised certificates. Chrome's ability to load the page may indicate differences in OCSP enforcement or fallback behavior between browsers.

For reporting:

Bug Reporting: File a detailed report on Mozilla’s Bugzilla (https://bugzilla.mozilla.org/), including steps to reproduce and diagnostic data like OCSP responses or SSL Labs results.

Notify the Website: Inform the website’s support team of potential misconfigurations in their certificate chain or OCSP responder.

Community Insights: Engage with Mozilla’s support forums for feedback and validation before escalating.

Полезно?

Задать вопрос

Для ответа на сообщения вы должны войти в свою учётную запись. Пожалуйста, задайте новый вопрос, если у вас ещё нет учётной записи.