Closed
Bug 323878
(-5981)
Opened 19 years ago
Closed 19 years ago
WAY-AROUND for: https page doesn't load (error -5981), proxy ignored for ocsp
Categories
(Firefox :: Shell Integration, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 323872
People
(Reporter: peter.renner, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; de; rv:1.8) Gecko/20051111 Firefox/1.5 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; de; rv:1.8) Gecko/20051111 Firefox/1.5 the check-connection for "revoked certificate" firefox is establishing when talking to some https servers ignores the proxy settings and issues a (cryptic) error msg. Hence corporate users behind a proxy can't use Firefox for (many) https servers, like netbanking ... which is very very bad for corporate adoption of firefox! Reproducible: Always Steps to Reproduce: 1. define proxy for http and https 2. set firewall to block direct connection to port 80 3. try to load https://www.netbanking.at Actual Results: Error establishing an encrypted connect to www.netbanking.at. Error Code: -5991 Expected Results: it should use the proxy settings to connect to ocsp.verisign.com to check the server's certificate SOLUTION IS AVAILABLE! SOLUTION IS AVAILABLE! enter the following url: about:config typ into field "filter": ocsp find line with says security.OCSP.enabled and set to to "false" This makes Firefox usable in corporate environments using proxies! OCSP checking should be disabled per default until the developers implemented the proxy features. There's a long discussion going on since at least mid 2002(!), see: bug 152426 please DON'T "close" that "bug-report" or at least make sure people can find the way-around info as easily as possible, it will save you guys a lot of "duplicate bugs" may i suggest strongly to set that property to false by default for the next official release (1.6?) of firefox? (unless the proxy ocsp check is implemented by then)
Reporter | ||
Updated•19 years ago
|
Depends on: 152426
Summary: WAY-AROUND for: https page doesn't load, proxy is ignored when checking ocsp → WAY-AROUND for: https page doesn't load (-5981), proxy ignored for ocsp
Reporter | ||
Updated•19 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Updated•19 years ago
|
Status: RESOLVED → UNCONFIRMED
Resolution: FIXED → ---
Comment 1•19 years ago
|
||
OSCP defaults to off on win32. *** This bug has been marked as a duplicate of 323872 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago → 19 years ago
Resolution: --- → DUPLICATE
Reporter | ||
Updated•19 years ago
|
Alias: -5981
Summary: WAY-AROUND for: https page doesn't load (-5981), proxy ignored for ocsp → WAY-AROUND for: https page doesn't load (error -5981), proxy ignored for ocsp
Reporter | ||
Comment 2•19 years ago
|
||
OSCP can't be "off by default on Win32" how should i have run into it in the first place? (maybe some kind of profile migartion during install of Firefox 1.5 switched it on accidentally?) Until 1h ago i even didn't know how to toggle OCSP checking.
Comment 3•19 years ago
|
||
Could have been profile migration from IE. I was referring to the default setting when a clean Firefox profile is created (security.OCSP.enabled is set to the integer value 0). You can turn OSCP off using the options UI: Advanced > Verification > Do not use OSCP for certificate validation
No longer depends on: 152426
Reporter | ||
Comment 4•19 years ago
|
||
(In reply to comment #3) > You can turn OSCP off using the options UI: Advanced > Verification > Do not > use OSCP for certificate validation PERFECT! (german users: Extras -> Einstellungen -> Erweitert -> Verifizierung) Now the only thing that is actually missing is either: - automatically coupling this "turning off" with entering proxy data (until OCSP can use proxies) or - making the OSCP connect Error message a WARNING-popup (e.g. behaving as if OCSP is off)
You need to log in
before you can comment on or make changes to this bug.
Description
•