SEC_ERROR_OCSP_OLD_RESPONSE on chessable.com
Categories
(Core :: Security: PSM, defect)
Tracking
()
People
(Reporter: gcp, Unassigned)
Details
STR
- Visit https://chessable.com
- Secure Connection Failed
An error occurred during a connection to chessable.com. The OCSP response contains out-of-date information. Error code: SEC_ERROR_OCSP_OLD_RESPONSE
Works in Chrome.
Reporter | ||
Comment 1•5 years ago
|
||
This is working again in Firefox now. (But I don't think it's good if Firefox intermittently doesn't work while Chrome keeps working...)
If you're seeing this error, it's either due to your clock or the CA sending an expired response. If it isn't your clock, the only way to "fix" this is to turn off OCSP, which we're not going to do until we have a replacement for it, which is crlite. (Note that Chrome doesn't do OCSP.)
Reporter | ||
Comment 3•5 years ago
|
||
I'm now having this continuously so I had to turn off OSCP. Someone else will do the logical thing, ditch Firefox and upgrade to a browser that works but is less secure :( This is beyond sad.
https://www.ssllabs.com/ssltest/analyze.html?d=chessable.com
Does show:
OCSP stapling Yes
OCSP STAPLING ERROR: OCSP response expired on Thu Sep 12 02:37:48 UTC 2019
So Indeed the site has broken OSCP Stapling.
Description
•