Firefox 3 and Revoked SSL Certificates

Today I discovered that Firefox 3 will refuse to display a site over HTTPS if its SSL certificate is revoked. And even though I am not questioning merits of this decision, I still would have preferred to have this behavior configurable, either somewhere deep in Preferences or at least via about:config (quick scan of the latter did not result in anything useful - did I overlook it?)

Categories: uncategorized |

Comments (4)

[...] Excerpted from:Firefox 3 and Revoked SSL Certificates [...]

dave // 20 Jun 2008

Same deal here, check out https://escrm.nokia.com/ for an example.

I like the other warning, where if its untrusted you can add the exception, but completely stopping you?

Anyone?

Dmitriy // 20 Jun 2008

@dave - looks like Nokia fixed that site already.

dwp0980 // 22 Sep 2008

Found this blog whilst experiencing the same problem. I also found a solution (although I don't know the impact on security). It's something to do with OCSP. If you go to Preferences/Options > Security > Advanced > Encryption > Validation and uncheck OCSP.

I found this solution at the following site. . .

http://support.mozilla.com/tiki-view_forum_thread.php?locale=de&comments_parentId=86422&forumId=1