Fix The OCSP server has refused this request as unauthorized in Firefox

Martin Brinkmann
Oct 2, 2013

When I tried to open my router's administrative dashboard today in Firefox I received a secure connection failure. It notified me that the OSCP server refused the request as unauthorized, and provided me only with options to try again.

I was used to get options to override certificate issues in the past which Firefox did when I last tried to access the dashboard.

I first tried to reload the page but it did not work either. Then I loaded the dashboard in Google Chrome and while it did display a certificate error, it allowed me to bypass it to open the control panel of the router.

Since Chrome is not my main browser, I started to investigate the issue in Firefox to find a fix for the issue.

Fixing OSCP server issues

The OCSP server has refused this request as unauthorized
Secure Connection Failed

The full error message that I received was the following one:

Secure Connection Failed

An error occurred during a connection to [router address]

The OSCP server has refused this request as unauthorized.

(Error code: sec_error_oscp_unauthorized_request)

According to Wikipedia, OSCP is an Internet protocol used to obtain the revocation status of an X.509 digital certificate. Basically, it checks the status of the certificate and returns either good, revoked or unknown back to the client if the request is valid, or may refuse it outright.

The latter can happen when OSCP server connections fail for example, or if the data that is submitted is corrupted.

There is however a way to fix the issue, at least temporarily in Firefox. Before we take a look at how this is done, I'd like to list another OSCP error that you may fix in the same way:

  1. The OCSP server has no status for the certificate. (Error code: sec_error_ocsp_unknown_cert)

To fix either error, perform the following operation in Firefox:

  1. Tap on the Alt-key on the keyboard and select Tools > Options from the menu that opens up.
  2. Switch to Advanced > Certificates in the Firefox options.
  3. Click on the Validation button.
  4. Uncheck "When an OSCP server connection fails, treat the certificate as invalid".

firefox options certificates

oscp server connection

You can also try and add an exception for the server or IP address so that you can access it even if the Validation setting is enabled.

To do so select View Certificates in the Firefox options. Click on Servers here and select Add Exception from the menu. Type the location of the server and click on get certificate afterwards. Once it has been retrieved, click confirm security exception. You can make the exception permanent by ticking the permanently store this exception box here.

firefox certificate exception

Closing Words

If you trust a server, it is better to add an exception so that you can access it but do not change any of the other security settings related to certificates in Firefox.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. Transcontinental said on October 3, 2013 at 11:42 am

    I think the Firefox-family browser I am using, Pale Moon 24.02 64-bit, has itself unchecked the value mentioned above, “When an OSCP server connection fails, treat the certificate as invalid“. I mention this because I do not recall having ever modified it myself (I had transferred my Firefox 24 profile to Pale Moon when I installed the latter).

    Anyway, thanks for the tip, I ignored the fact, the implications.

  2. George P. Burdell said on October 3, 2013 at 5:03 am

    Uncheck “When an OSCP server connection fails, treat the certificate as invalid”

    Looked to see what setting I had on Firefox 24.0, and found it was already unchecked.

    This is not a parameter I ever looked at before, so maybe the default came this way at installation.

    1. Transcontinental said on October 3, 2013 at 11:43 am

      So perhaps my past comment becomes less significant.

  3. jasray said on October 2, 2013 at 8:36 pm

    Interesting and helpful information for future encounters. Thanks!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.