The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Let's Encrypt Firefox OCSP problem: Secure Connection Failed

Discussion in 'Security' started by WorkinOnIt, Dec 21, 2016.

Tags:
  1. WorkinOnIt

    WorkinOnIt Well-Known Member

    Joined:
    Aug 3, 2016
    Messages:
    94
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi team

    I am having trouble with one specific server that seems to be failing HTTPS websites only in Firefox (version 50.1.0)

    When browsing a website for example, https: // myexampledomain .com (without spaces) on Firefox, I get the following error;

    I have the same issue with ALL https domains on that server in Firefox - however all of the same https domains work fine in all other browsers (Chrome / IE10 / Opera).

    My other servers seem to be fine and all sites on them are connecting to https in Firefox without an issue - so there is something going on with this particular server.

    Server info:

    • CENTOS 7.3 x86_64
    • WHM 60.0 (build 28)
    • Server Version: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
    • Let's Encrypt
    There are no problems noted in the Manage Auto SSL logs.

    In httpd.conf :

    Code:
    SSLUseStapling on
    SSLStaplingCache shmcb:/usr/local/apache/logs/stapling_cache_shmcb(256000)
    SSLStaplingReturnResponderErrors off
    SSLStaplingErrorCacheTimeout 60
    SSLSessionCache shmcb:/usr/local/apache/logs/ssl_gcache_data_shmcb(1024000)

    I notice the above httpd.conf entry is slightly different on my other server (which is running CentOs 6.8).

    Please advise, thanks.
     
    #1 WorkinOnIt, Dec 21, 2016
    Last edited by a moderator: Dec 22, 2016
  2. WorkinOnIt

    WorkinOnIt Well-Known Member

    Joined:
    Aug 3, 2016
    Messages:
    94
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    After some Googling, I came across a solution which I have tried it and it works for me:

    However, I am concerned that turning SSLUseStapling OFF will have negative connotations. Could someone from cPanel please comment?

    Thanks
     
    #2 WorkinOnIt, Dec 21, 2016
    Last edited by a moderator: Dec 22, 2016
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,037
    Likes Received:
    1,280
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page