Problems in Firefox: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING

  • Resolved Quentinius

    (@shred101)


    1 year, 1 month ago

    I’ve recently started using Really Simple SSL again (after a hiatus) for clients sites because I’ve started doing dev work again.

    I’m disappointed to find out that the stapling issue in Firefox seems to now be a common error that lots of people are experiencing.

    I know that lots of people have covered this already recently BUT… in my case, I’ve tried following the instructions on uninstalling everything on the client cPanel account and killing the plugin before reinstalling it and generating the certificate with stapling disabled and I’m still getting this error.

    So I’m still at a loss to what’s occurring because the error is local to Firefox and the fix that people have discussed on here (that’s a reasonable obvious fix anyway) does not seem to work for me at least.

    Any further advice?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Support jarnovos

    (@jarnovos)

    Hi @shred101,

    Allow me to clarify that this is not something specific to the Really Simple SSL plugin. Browsers will reject connections if the SSL certificate requires OCSP stapling, but when the webserver does not staple an OCSP response.

    You can ask your hosting provider to enable “OCSP stapling” on your webserver, so that if you have an SSL certificate with the “must staple” extension enabled; it would no longer throw an error in the Firefox browser.

    Or indeed; you could also generate a certificate without the “must staple” extension and install that SSL certificate (in cPanel) instead.

    Kind regards, Jarno

    Thread Starter Quentinius

    (@shred101)

    I have since reached out to tech support.

    They insist that OCSP stapling IS enabled (I was surprised to find out that it may not be)

    So what should I do now? Any advise please?

    • This reply was modified 1 year, 1 month ago by Quentinius.
    Plugin Support jarnovos

    (@jarnovos)

    Hi @shred101,

    You could try installing an SSL certificate without the “must staple” extension on your webserver instead, to see if that works for you.

    Please know that while we are happy to assist with configuring the plugin on your WordPress site, your Hosting Provider would be better equipped to help troubleshoot the configuration on your webserver.

    It also doesn’t look like an URL to the website had been provided in your initial post, so I can’t currently see the behavior for myself either.

    Kind regards, Jarno

    Thread Starter Quentinius

    (@shred101)

    I apparently can’t upload an image otherwise I would give you a screenshot.

    There is literally nothing to see on the website except an error because it’s a fresh WP install I am doing background work on before I dev their site.

    As I have explained, the de facto owners of the host insists that the relevant feature is running on my Apache server.

    The error is:

    Secure Connection Failed

    An error occurred during a connection to glowinginbeautyacademy.co.uk. A required TLS feature is missing.

    Error code: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.
    Moderator Support Moderator

    (@moderator)

    quick side note: To post a screen shot, upload it to imgur.com (free) and then post a link in your forum reply.

    Plugin Support jarnovos

    (@jarnovos)

    Hi @shred101,

    When I test this domain using a tool such as SSL Labs, it results in the following message:

    This server certificate supports OCSP must staple but OCSP response is not stapled.

    My recommendation would therefore still be to discuss the matter with your hosting provider, as the above does seem to indicate that the server is not actually stapling the OCSP response.

    Kind regards, Jarno

    Thread Starter Quentinius

    (@shred101)

    Thank you for your response Jarnovos I will follow up from there.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Problems in Firefox: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING’ is closed to new replies.