Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Error code: SEC_ERROR_REVOKED_CERTIFICATE - OCSP query fails: how to report?

  • 1 个回答
  • 0 人有此问题
  • 5 次查看
  • 最后回复者为 chris wilson

lucrs4096
lucrs4096
more options

Today I suddenly started receiving the error code: SEC_ERROR_REVOKED_CERTIFICATE on a secure authentication page that was working until a few hours earlier, belonging to a major national bank.

https://www.ssllabs.com/ssltest/ cannot reach that page, other SSL checking sites report variable results (some say one cert in the chain has expired after a CRL, others say all is OK)

The same page/site works flawlessly on Chrome. Firefox incompatibility with popular portals is a growing trend unfortunately.

After a little digging with developer tools, it comes out the OCSP query reports the REVOKED_CERTIFICATE error. Disabling the "Query OCSP [..]" option in Firefox that website starts working fine again.

Now, I would like to still keep using the OCSP queries ON, and I definitely want to keep using Firefox for everything.

My question is: when a portal or website is found to be broken with Firefox (with default settings), with a root cause found like in this case, how can it be reported?

Having a clear report path would be useful to try to make the browser more compatible (in this case : was this a bug? Some wrong information on OCSP responders? Some mess caused by the website mantainers?)

Today I suddenly started receiving the error code: SEC_ERROR_REVOKED_CERTIFICATE on a secure authentication page that was working until a few hours earlier, belonging to a major national bank. https://www.ssllabs.com/ssltest/ cannot reach that page, other SSL checking sites report variable results (some say one cert in the chain has expired after a CRL, others say all is OK) The same page/site works flawlessly on Chrome. Firefox incompatibility with popular portals is a growing trend unfortunately. After a little digging with developer tools, it comes out the OCSP query reports the REVOKED_CERTIFICATE error. Disabling the "Query OCSP [..]" option in Firefox that website starts working fine again. Now, I would like to still keep using the OCSP queries ON, and I definitely want to keep using Firefox for everything. My question is: when a portal or website is found to be broken with Firefox (with default settings), with a root cause found like in this case, how can it be reported? Having a clear report path would be useful to try to make the browser more compatible (in this case : was this a bug? Some wrong information on OCSP responders? Some mess caused by the website mantainers?)

所有回复 (1)

chris wilson
chris wilson
more options

This issue highlights a mix of technical and compatibility challenges. The error code SEC_ERROR_REVOKED_CERTIFICATE suggests Firefox detected a revoked certificate via the OCSP query, which safeguards users against compromised certificates. Chrome's ability to load the page may indicate differences in OCSP enforcement or fallback behavior between browsers.

For reporting:

Bug Reporting: File a detailed report on Mozilla’s Bugzilla (https://bugzilla.mozilla.org/), including steps to reproduce and diagnostic data like OCSP responses or SSL Labs results.

Notify the Website: Inform the website’s support team of potential misconfigurations in their certificate chain or OCSP responder.

Community Insights: Engage with Mozilla’s support forums for feedback and validation before escalating.

有帮助吗?

我要提问

您需要登录才能回复。如果您还没账号,可以提出新问题