firefox invalid OCSP signing certificate on ATO website

40 views
Skip to first unread message

Michael Pope

unread,
Jul 13, 2015, 12:24:00 AM7/13/15
to aus...@googlegroups.com
I came across this problem today (13/07/2015) when going to the ATO tax portal using Oracle Java 1.7.0 on Firefox 38 & 39

: Secure Connection Failed
:
: An error occurred during a connection to authentication.business.gov.au. Invalid OCSP signing certificate in OCSP response. (Error code: sec_error_ocsp_invalid_signing_cert)
:
:     The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
:     Please contact the website owners to inform them of this problem.

Looks like the problem is at the ATO's end, as a temp work around I've disabled ocsp_tapling

Within the users firefox
1. Go to about:config
2. set 'security.ssl.enable_ocsp_stapling' to false
3. Try the bp.ato.gov.au website again

Warning: This does lessen your security so make sure you change it back to true as soon as you can. Hopefully the ATO fixes this problem soon.
Reply all
Reply to author
Forward
0 new messages