Closed Bug 1028534 Opened 10 years ago Closed 8 years ago

https://www.npmjs.org/ unavailable because of sec_error_ocsp_try_server_later error

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Version:
32 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: bruant.d, Unassigned)

References

(Blocks 1 open bug)

Details

I'm in Firefox Aurora 32 (haven't tried any other browser yet)
I tried to access https://www.npmjs.org/package/minimist and got an error message (I won't copy/paste cause it's in French), but the essence is :

> An error occur while connecting to www.npmjs.org. The OCSP server suggest to try later (error: sec_error_ocsp_try_server_later)
The page you're trying to get to cannot be displayed because the authenticity cannot be verified

The same page loads fine in Chrome, though.

It looks like the content does exist. It might be a good idea to open the page but warn the user about the lack of ability to verify the content.
I haven't told the npmjs.org folks yet so the bug can be investigated in the Mozilla side. Please tell me when you have enough info to investigate so I can inform them.
I'm still observing the problem in current Aurora. Can someone take a look?
Needinfo'ing Kai Engert since you filed the OCSP bug. Feel free to pass along.
Flags: needinfo?(kaie)
I can go to npm now. The problem is intermittent it seems.
I'm happy to help investigate when I see the problem again, but I'll need to know which tool to use and what info I'm looking for.
The most likely scenario is that www.npmjs.org has either misconfigured their server or the OCSP responder for the cert(s) they're using is misconfigured/broken. Chrome doesn't do OCSP fetching, so it would never show this error. You can verify this by using wireshark to capture the data from a handshake that fails (I would do both port 443 and 80, to capture the TLS traffic as well as any OCSP requests, although the failing request might be stapled in the handshake).
Flags: needinfo?(kaie)
Component: Security: UI → Security: PSM
Hi Guys,

we are having the same sec_error_ocsp_try_server_later issue with firefox 35.0.1 on this website www.chambresdhotesdecharme.com. Did you find any solution?

Any help would be appreciated.

-Sebastien
This issue was fixed: https://github.com/npm/npm-www/issues/832.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.