2001122106 When the "Only for certificates that specify an OCSP address" option is turned on this error can occur: You cannot connect to lc3.law13.hotmail.passport.com because of an unknown SSL error (-8061) This is rather cryptic and doesn't mean much to joe average. I'm marking this as major as this error can block Hotmail and sourceforge. A better error message along these lines would be better: An error has occured validating <site name> certificate. If you wish to go on regardless, click ok. You can turn certificate checking of in "Preferenced - Privacy & security - Validation - Never use OCSP for certificate validation"

*** Bug 117397 has been marked as a duplicate of this bug. ***

Confirming; this is a problem. Setting OS and platform to "All".

I have a first-pass attempt at a fix for this. It only informs the user what is wrong, and they can turn of OCSP via preferences; it doesn't give an option to go ahead anyways. Nominating this for Mozilla1.0

Only gives user some info on what the problem is, and how to deactivate OCSP via preferences.

Thank you for the bug report and the suggested fix. I am reassigning the bug to the owner of the code (PSM) for their review.

rangan, please see whether your Unknown SSL Error patch cover all of these. If it does, please dup this bug.

bug#107491 handles these case,s plus others, excluding OCSPNotEnabled and OCSPNoDefaultResponder. OCSPNotEnabled would not occur in an ssl connection attempt, because unless it is enabled, a ocsp validation is not atempted. OCSPNoDefaultResponder would not occur unless we have a bug in PSM - but still might be a good idea to handle this...

Marking dup. Shall ensure OCSPNoDefaultResponder case goes in .. *** This bug has been marked as a duplicate of 107491 ***

Verified dupe.