Unauthorized OCSP response

RESOLVED DUPLICATE of bug 338986

Status

NSS
Libraries
RESOLVED DUPLICATE of bug 338986
12 years ago
12 years ago

People

(Reporter: Kevin Bube, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [kerh-coa], URL)

(Reporter)

Description

12 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3

When I go to https://elearning.uni-oldenburg.de I get the dialog box:

"Error trying to validate certificate from elearning.uni-oldenburg.de
using OCSP - unauthorized response."

And Firefox refuses to load the page. I have
security.OCSP.enabled = 1

If I set this property to 0, the site loads. BTW if I set it to 0 load the page and then set it to 1, reload the page, I do not get the error.


Reproducible: Always

Steps to Reproduce:
1. Start the browser ;-)
2. Go to https://elearning.uni-oldenburg.de
3.
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9a1) Gecko/20060510 Minefield/3.0a1 - Build ID: 0000000000
WFM.

Comment 2

12 years ago
related to bug 337626?
(Reporter)

Comment 3

12 years ago
(In reply to comment #2)
> related to bug 337626?

I don't think so, I do not get the message described in this bug. The site opens as expected.



(Reporter)

Comment 4

12 years ago
One more information: In order to trigger the message, I think one has to have the CAcert.org root certificates installed (http://www.cacert.org/index.php?id=3).
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9a1) Gecko/20060514 Minefield/3.0a1 - Build ID: 0000000000
Confirmed once I installed the certificates.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Version: unspecified → Trunk
Assignee: nobody → dveditz
Component: Security → Security
Product: Firefox → Core
QA Contact: firefox → toolkit
Assignee: dveditz → kengert
Component: Security → Security: PSM
QA Contact: toolkit

Comment 6

12 years ago
The OCSP response is being processed by NSS.
Reassining to NSS for analysis.
Either NSS is unable to parse correctly, or the server is sending bad data.
Assignee: kengert → nobody
Component: Security: PSM → Libraries
Product: Core → NSS
QA Contact: libraries
Whiteboard: [kerh-coa]
Version: Trunk → 3.11.1
duplicate of bug 338986  ?
(In reply to comment #7)
> duplicate of bug 338986  ?
> 

Duping to the newer bug because it's got more information.

*** This bug has been marked as a duplicate of 338986 ***
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.