Firefox is one of the most popular and reliable web-browser out there. But there are a few scenarios where Firefox is not able to open a website whereas all other browsers and other computers can. This is a common error and was reported by many users. So, if you faced SEC ERROR OCSP INVALID SIGNING CERT error on Firefox, you are at the right place. Users have reported that they are not able to access some Microsoft services like Bing or Outlook due to this error. While the same services were accessible from a different browser at the same time, if you are facing such an issue, you can follow the steps mentioned in this post to fix it.
SEC_ERROR_OCSP_INVALID_SIGNING_CERT Firefox error
The error roughly translates to “The certificate that you are using to access a website or webpage is invalid or has been invalidated.” The certificate might have been correct at some point, but now it has been invalidated. An apter technical term associated with this process will be OCSP Stapling.
Directly quoting the Mozilla Blog:
OCSP stapling is a mechanism by which a site can convey certificate revocation information to visitors in a privacy-preserving, scalable manner. Revocation information is important because at any time after a certificate has been issued, it may no longer be appropriate to trust it. For instance, maybe the CA that issued the certificate realizes it put incorrect information on it. Maybe the website operators lose control of their private key, or it gets stolen. More benignly, maybe the domain was transferred to a new owner.
Now that we know what OCSP stapling is, let’s return to our problem. You are facing this error because the certificate has been revoked, or the server you are trying to connect is not recognizing it. This is mostly an issue with some servers, not your computer. The server is not able to handle OCSP stapling properly, and that is why Firefox is throwing an error.
A temporary but not recommended solution to this problem would be disabling OCSP Stapling on Firefox. This is a temporary solution to access the blocked website, and it should be enabled back for your security. But before you do this, try resetting your Firefox browser and clearing all browser cache before disabling OCSP stapling.
How to disable OCSP Stapling on Firefox
Open up a Firefox window and type about:config in the address bar. Click on I Accept The Risk.
Search for the configuration: ssl.enable_ocsp_stapling.
Double click on it and set it to ‘false’.
Now try opening the website/webpage that gave you this error. Once you are done browsing, it is recommended that you turn on OCSP stapling back again. It ensures better security and protects you from possible hacks.
Another solution to this problem is to try using another browser. You can use Microsoft Edge or Google Chrome and open the same website.
This was all in how to fix SEC_ERROR_OCSP_INVALID_SIGNING_CERT on Firefox.
I will mention again that this is an error due to some invalid/invalidated certificates or bad servers. It is recommended not to turn off OCSP Stapling, but you can temporarily do so if you want to access the website.
Related: SSL_ERROR_HANDSHAKE_FAILURE_ALERT error.
