Mozilla Firefox is blocking CAcert.org websites – how to get access again

20210321 - Webs are no more blocked by Firefox.

You are on the Internet with Firefox. So far, this was actually not a bad decision. However, when connecting to cacert.org an error now occurs. The OCSP response contains outdated information.

Error code: SEC_ERROR_OCSP_OLD_RESPONSE

This surprises you, because you have previously expressed your trust in the CAcert (CA Cert Signing Authority) root certificate. Today, however, you are still not getting access. This has to do with an update from Firefox, which changes a default setting.

The solution: Go to Settings -> Privacy and Security -> Certificates (at the bottom of the page): The option “Confirm current validity of certificates by request to OCSP server” must be deactivated (see picture: there must not be a tick at the red marked position), then it works again.

Certificates must not be OCSP-verified

(Dear Mozilla developers, this would not have been absolutely necessary!)

/!\ NOTE: The corresponding setting has to be changed at the following browsers: /!\


FAQ/Firefox-OCSP (last edited 2021-03-21 19:03:07 by AlesKastner)