Closed
Bug 495380
Opened 15 years ago
Closed 3 years ago
SEC_ERROR_OCSP_SERVER_ERROR is grossly ambiguous
Categories
(Core :: Security: PSM, defect, P5)
Core
Security: PSM
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: nelson, Assigned: alvolkov.bgs)
Details
(Whiteboard: [nss-nofx])
I received the following critque of NSS's OCSP code in email.
> SEC_ERROR_OCSP_SERVER_ERROR is used 5 times in ocsp.c for everything
> from an internal OCSP server error to failing create the request session
> and any number of different problems writing the request to the remote
> server. When something goes bump in the night you have to attach a
> debugger to see which bump it is.
I think we should seriously attempt to change those 5 uses of that error code
so that they report unique error codes for some (if not all) of them.
Agreed, It just happened to me and I didn't have a clue what it meant, googling doesn't help. I am reasoably tech savvy.
After I renewed the SSL certificate for a domain Firefox shows this bug/error on https:// Only solution I could find was to toggle security.ssl.enable_ocsp_stapling to false. Other browsers show it fine, but I am unable to understand the exact reason for the problem in Firefox. I would appreciate a more specific error message!
|
||
Updated•3 years ago
|
Severity: normal → N/A
Priority: -- → P5
|
|
||
Updated•3 years ago
|
Whiteboard: [nss-nofx]
|
|
||
Updated•3 years ago
|
Component: Libraries → Security: PSM
Product: NSS → Core
Version: trunk → unspecified
In as much as this applies to Firefox, users will essentially only see this error when a server staples an OCSP response with an OCSPResponseStatus of internalError. Since Firefox has no more information than this, there's not much we can do.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•