Certificate error
Recently I started getting an error saying SEC_ERROR_REVOKED_CERTIFICATE while trying to open a website. That particular site can only be accessed through my demat account so replicating my situation is not possible. Other browsers like Chrome, Edge are able to open it but Firefox cant, it does only when OCSP is disabled. I reinstalled the browser but the problem remains. Pls tell me how to add that website to exception if its possible or delete all the certificates currently loaded on Firefox or a full reset of the browser removing all previous data. And is it okay if I keep OCSP off all the time?
Isisombululo esikhethiwe
Google Chrome doesn't check the validity of the server's certificate via OCSP like Firefox does and is thus less secure as such a certificate issue should be taken seriously. The certificate has been revoked and the website needs to acquire a new certificate.
If you really need to access this website and it only works with OCSP Stapling disabled then best is only only disable OCSP Stapling when you need to visit this website and leave it enabled for other websites.
See also:
- https://en.wikipedia.org/wiki/OCSP_Stapling
- https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
All Replies (3)
Web search; https://www.bing.com/search?q=SEC_ERROR_REVOKED_CERTIFICATE
There is something wrong with the certificate.
On both websites, try this;
Delete browsing, search and download history on Firefox {web link}
Remove a single website from your history {web link}
Open the History Manager <Control> (Mac=<Command>) <Shift> H. In the search bar, enter the name of the site. Right-click on one of the listings and select Forget About This Site. This should remove all information, including any site settings And Passwords.
Isisombululo Esikhethiwe
Google Chrome doesn't check the validity of the server's certificate via OCSP like Firefox does and is thus less secure as such a certificate issue should be taken seriously. The certificate has been revoked and the website needs to acquire a new certificate.
If you really need to access this website and it only works with OCSP Stapling disabled then best is only only disable OCSP Stapling when you need to visit this website and leave it enabled for other websites.
See also:
cor-el said
Google Chrome doesn't check the validity of the server's certificate via OCSP like Firefox does and is thus less secure as such a certificate issue should be taken seriously. The certificate has been revoked and the website needs to acquire a new certificate. If you really need to access this website and it only works with OCSP Stapling disabled then best is only only disable OCSP Stapling when you need to visit this website and leave it enabled for other websites. See also:
Thanks for clarifying, i thought there was something wrong with the browser. I guess disabling OCSP every time i visit that site is the only solution. Anyways, thanks for helping.