Getting SEC_ERROR_OCSP_TRY_SERVER_LATER this morning in FireFox.
Tried many supposed workarounds + none seem to work.
If someone has a working fix for this problem, add it to this ticket.
Thanks.
I had to create this ticket with a useless title because LetsEncrypt software kept saying my title made no sense.
Very annoying.
Be great if someone could disable this feature, so sensible titles can be used.
Seems like anytime I add SEC_ERROR_OCSP_TRY_SERVER_LATER to the title, the forum disallows posting the title.
That's annoying! Sorry about that. That's the first time I've seen this "Not a complete sentence" detection. I'm not sure if there's an easy way to disable it so for the meantime I set the title to something "English-enough" for the forum.
What is the domain of the site you're trying to access when Firefox shows this error?
Awesome! Thanks for fixing my title. I swear I tried all sort of titles + no joy.
Works in all other browsers.
Hum… Maybe something’s wrong with this cert too. Other LetsEncrypt cert secured sites seem to be working.
Ah… Found the problem…
For some reason dnsmasq crashed, so the OSCP server name could never resolve.
Fixed now.
Thanks!
1 Like
Great ! Glad to hear it. I was able to confirm from here that an OCSP lookup for that certificate worked OK from my network vantage point. I also can verify that the server is stapling a valid OCSP response for the certificate in its TLS handshake.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.