Closed
Bug 171152
Opened 22 years ago
Closed 22 years ago
"Error trying to validate certificate from members.ud.com using OCSP - directory lookup error" when accessing any secured page of that site
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 111384
People
(Reporter: cdokolas, Assigned: security-bugs)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826
I get this error ("Error trying to validate certificate from members.ud.com
using OCSP - directory lookup error.") in a dialog box (OK is the only answer)
every time I jump to a secured page in the site members.ud.com and the page is
not loaded
I'm behind a ISA Server proxy (with NTLM authentication).
Reproducible: Always
Steps to Reproduce:
1. Get behind a Microsoft ISA Server firewall set with NTLM authentication.
2. Open the URL provided
3. Watch!
Actual Results:
"Error trying to validate certificate from members.ud.com using OCSP - directory
lookup error."
Expected Results:
The browser is supposed to be switched to the secure server and load the page
(login page for members). The secured URL is
https://members.ud.com/services/profile.htm
It is easy as well as philanthropic (plug some Greek) to download the UD Agent
which enrols you to United Devices and runs their distributed cancer research
project (see http://members.ud.com/projects/cancer/).
Reporter | ||
Comment 1•22 years ago
|
||
Have not tried it outside the firewall yet.
Comment 2•22 years ago
|
||
Just closed down my personal firewall.
Still get "Error trying to validate certificate from meine.deutsche-bank.de
using OCSP - response contains a date which is in the future."
or
"Error trying to validate certificate from trading.fast-trade.com using OCSP -
response contains a date which is in the future."
don't know how to handle this. Bug or feature?
Probably a dupe of bug 158141. Make sure your time and timezone settings are
correct.
Reporter | ||
Comment 4•22 years ago
|
||
Time and timezone settings are correct. Tried rolling the clock forward a couple
of minutes, but no change.
There is a workaround I stumbled across yesterday: disable OCSP from Edit ->
Preferences -> Privacy & Security -> Validation -> OCSP
BTW: What kind of protocol is OCSP? How does it work? (briefly) If it's not over
HTTP then it won't work over web proxies (we only have the web proxy enabled on
our firewall).
OSCP seems to not work over a proxy, see bug 111384.
*** This bug has been marked as a duplicate of 111384 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•