When I tried to open my router's administrative dashboard today in Firefox I received a secure connection failure. It notified me that the OSCP server refused the request as unauthorized, and provided me only with options to try again.
I was used to get options to override certificate issues in the past which Firefox did when I last tried to access the dashboard.
I first tried to reload the page but it did not work either. Then I loaded the dashboard in Google Chrome and while it did display a certificate error, it allowed me to bypass it to open the control panel of the router.
Since Chrome is not my main browser, I started to investigate the issue in Firefox to find a fix for the issue.
The full error message that I received was the following one:
Secure Connection Failed
An error occurred during a connection to [router address]
The OSCP server has refused this request as unauthorized.
(Error code: sec_error_oscp_unauthorized_request)
According to Wikipedia, OSCP is an Internet protocol used to obtain the revocation status of an X.509 digital certificate. Basically, it checks the status of the certificate and returns either good, revoked or unknown back to the client if the request is valid, or may refuse it outright.
The latter can happen when OSCP server connections fail for example, or if the data that is submitted is corrupted.
There is however a way to fix the issue, at least temporarily in Firefox. Before we take a look at how this is done, I'd like to list another OSCP error that you may fix in the same way:
To fix either error, perform the following operation in Firefox:
You can also try and add an exception for the server or IP address so that you can access it even if the Validation setting is enabled.
To do so select View Certificates in the Firefox options. Click on Servers here and select Add Exception from the menu. Type the location of the server and click on get certificate afterwards. Once it has been retrieved, click confirm security exception. You can make the exception permanent by ticking the permanently store this exception box here.
If you trust a server, it is better to add an exception so that you can access it but do not change any of the other security settings related to certificates in Firefox.
AdvertisementPlease click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
Interesting and helpful information for future encounters. Thanks!
Uncheck “When an OSCP server connection fails, treat the certificate as invalid”
—-
Looked to see what setting I had on Firefox 24.0, and found it was already unchecked.
This is not a parameter I ever looked at before, so maybe the default came this way at installation.
So perhaps my past comment becomes less significant.
I think the Firefox-family browser I am using, Pale Moon 24.02 64-bit, has itself unchecked the value mentioned above, “When an OSCP server connection fails, treat the certificate as invalid“. I mention this because I do not recall having ever modified it myself (I had transferred my Firefox 24 profile to Pale Moon when I installed the latter).
Anyway, thanks for the tip, I ignored the fact, the implications.