Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Secure connection: fatal error (1066)

https://www.takeitapart.com/

Unable to verify the website's identity (OCSP error).

The response from the online certificate validation (OCSP) server was too old.



One of the TakeItAparts here. We've seen this in browsers where the OCSP request fails (on the Comodo side), but the browser does not fall back to a CRL check. What browser were you using when saw the error?


Opera 12.16


It looks like this is a known problem with Opera 12.16[1][2]. According to the linked thread, a workaround is to disable opera:config#SecurityPrefs|OCSPValidateCertificates (obviously not ideal).

You might see if it is fixed in 12.17.

I do get an OCSP response if I run:

    openssl s_client -connect takeitapart.com:443 -tls1_2 -tlsextdebug -status
Qualys also shows OCSP is working (though seemingly not part of the A+ rating)[3].

1. http://forums.opera.com/discussion/1773932/broken-websites-t...

2. https://www.google.com/search?{google:acceptedSuggestion}oq=...

3. https://www.ssllabs.com/ssltest/analyze.html?d=takeitapart.c...


Ah, thank you for your time on this. :) I'm sorry to hear it's a browser end problem.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: