Closed
Bug 555440
Opened 14 years ago
Closed 14 years ago
HTTPS connection is interrupted if OCSP server is unavailable
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 508633
People
(Reporter: laurens, Assigned: KaiE)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.2) Gecko/20100316 Firefox/3.6.2 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.2) Gecko/20100316 Firefox/3.6.2 When connecting to a website using HTTPS which uses a certificate with an OCSP server and the OCSP server is unreachable (does not respond to requests) Firefox will display a "The connection was interrupted" error even though the option "When an OCSP server connection fails, treat the certificate as invalid" is UNchecked. Reproducible: Always Steps to Reproduce: 1. Make sure OCSP validation is on using the certificate provided OCSP server 2. Make sure "When an OCSP server connection fails, treat the certificate as invalid" is UNchecked 3. Configure your local firewall to DROP (not reject) all TCP traffic on port 80 to the OCSP server (e.g. ocsp.godaddy.com) 4. Connect to https://www.godaddy.com Actual Results: After a timeout firefox shows the error: The connection was interrupted Expected Results: Website is loaded without error or message. When the requests to the OCSP server are rejected rather than dropped the results are as expected.
Comment 1•14 years ago
|
||
If it's an EV-certificate, bug 490883 might help (downgrade to no EV-certificate). Otherwise, it's a dupe of bug 334658.
Comment 2•14 years ago
|
||
first one should be bug 508633
Reporter | ||
Updated•14 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•