View Issue Details

IDProjectCategoryView StatusLast Update
0001479Main CAcert Websiteweb of trustpublic2020-03-23 09:29
ReporteralkasAssigned To 
PriorityhighSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0001479: On Palemoon, Seagate, and Firefox browsers page https://www.cacert.org fails
DescriptionBrowsers mentioned report the following error:
SEC_ERROR_OCSP_OLD_RESPONSE
immediately after trying to visit that page.
Steps To ReproduceUsing one of the browsers mentioned, visit the page https://www.cacert.org .
Tagsinaccessible www.cacert.org
Reviewed by
Test InstructionsUsing one of the browsers mentioned, visit the page https://www.cacert.org .

Relationships

parent of 0001478 newdastrath not issuing new certificates 
Not all the children of this issue are yet resolved or closed.

Activities

jandd

2020-03-23 09:29

administrator   ~0005870

A workaround is to disable ocsp stapling in about:config but this is not a good idea because it disables OCSP checks for other sites too. The main issue is that the signer is down (see 0001478) and therefore the OCSP responder has no current information.

Issue History

Date Modified Username Field Change
2020-03-23 07:52 alkas New Issue
2020-03-23 07:52 alkas Tag Attached: inaccessible www.cacert.org
2020-03-23 09:26 jandd Relationship added parent of 0001478
2020-03-23 09:29 jandd Note Added: 0005870
2020-03-23 09:29 jandd Note View State: 0005870: public