Hi @shred101,
Allow me to clarify that this is not something specific to the Really Simple SSL plugin. Browsers will reject connections if the SSL certificate requires OCSP stapling, but when the webserver does not staple an OCSP response.
You can ask your hosting provider to enable “OCSP stapling” on your webserver, so that if you have an SSL certificate with the “must staple” extension enabled; it would no longer throw an error in the Firefox browser.
Or indeed; you could also generate a certificate without the “must staple” extension and install that SSL certificate (in cPanel) instead.
Kind regards, Jarno
I have since reached out to tech support.
They insist that OCSP stapling IS enabled (I was surprised to find out that it may not be)
So what should I do now? Any advise please?
-
This reply was modified 2 years, 7 months ago by
Quentinius.
Hi @shred101,
You could try installing an SSL certificate without the “must staple” extension on your webserver instead, to see if that works for you.
Please know that while we are happy to assist with configuring the plugin on your WordPress site, your Hosting Provider would be better equipped to help troubleshoot the configuration on your webserver.
It also doesn’t look like an URL to the website had been provided in your initial post, so I can’t currently see the behavior for myself either.
Kind regards, Jarno
I apparently can’t upload an image otherwise I would give you a screenshot.
There is literally nothing to see on the website except an error because it’s a fresh WP install I am doing background work on before I dev their site.
As I have explained, the de facto owners of the host insists that the relevant feature is running on my Apache server.
The error is:
Secure Connection Failed
An error occurred during a connection to glowinginbeautyacademy.co.uk. A required TLS feature is missing.
Error code: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.
quick side note: To post a screen shot, upload it to imgur.com (free) and then post a link in your forum reply.
Hi @shred101,
When I test this domain using a tool such as SSL Labs, it results in the following message:
This server certificate supports OCSP must staple but OCSP response is not stapled.
My recommendation would therefore still be to discuss the matter with your hosting provider, as the above does seem to indicate that the server is not actually stapling the OCSP response.
Kind regards, Jarno
Thank you for your response Jarnovos I will follow up from there.
