Really weird, since OCSP is enabled by default in Fx 3.0 and above, and it works just fine. Maybe the Gecko 1.8.1 implementation is buggy...Tom T. wrote:edit: FWIW, the https d/l for dev builds is great, but I had to disable OCSP validation to install it.
[RESOLVED] 1.9.6.2 and .6.5 causing "Offline" error message
-
Giorgio Maone
- Site Admin
- Posts: 9524
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: [RESOLVED] 1.9.6.2 and .6.5 causing "Offline" error message
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1 (.NET CLR 3.5.30729)
Re: [RESOLVED] 1.9.6.2 and .6.5 causing "Offline" error message
It turns out that it actually *will* install, if I OK the error message: "An internal error has been detected. The requested OCSP transaction cannot be completed."Giorgio Maone wrote:Really weird, since OCSP is enabled by default in Fx 3.0 and above, and it works just fine. Maybe the Gecko 1.8.1 implementation is buggy...Tom T. wrote:edit: FWIW, the https d/l for dev builds is great, but I had to disable OCSP validation to install it.
I had selected "Use OCSP to validate only certificates that specify an OCSP service URL". Does yours?
For the other choice, "Validate all certificates using this URL and signer", the default is Verisign. OK, I trust them -- but there is no default URL. How would one know what URL to enter?
Edit: There showed also a blocked sub-object, *@https://addons.mozilla.org. I allowed it, and also the scripts from AMO as well as NS. No change, but does this have anything to do with it?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US at an expert level; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 diehard
-
Giorgio Maone
- Site Admin
- Posts: 9524
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: [RESOLVED] 1.9.6.2 and .6.5 causing "Offline" error message
Yes it does, from http://ocsp.godaddy.comTom T. wrote: I had selected "Use OCSP to validate only certificates that specify an OCSP service URL". Does yours?
If you were a government agency mandating its own certificate authority, you'd knowTom T. wrote: For the other choice, "Validate all certificates using this URL and signer", the default is Verisign. OK, I trust them -- but there is no default URL. How would one know what URL to enter?
Nothing.Tom T. wrote: Edit: There showed also a blocked sub-object, *@https://addons.mozilla.org. I allowed it, and also the scripts from AMO as well as NS. No change, but does this have anything to do with it?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1 (.NET CLR 3.5.30729)
Re: [RESOLVED] 1.9.6.2 and .6.5 causing "Offline" error message
Nothing wrong with the Gecko implementation; it's the user who's buggy.Giorgio Maone wrote:Really weird, since OCSP is enabled by default in Fx 3.0 and above, and it works just fine. Maybe the Gecko 1.8.1 implementation is buggy...Tom T. wrote:edit: FWIW, the https d/l for dev builds is great, but I had to disable OCSP validation to install it.
Seems the GoDaddy root certificate "somehow" got lost or was accidentally deleted. Garbage in, garbage out...
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US at an expert level; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 diehard