From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: patchwork.ipfire.org => Error: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING
Date: Sun, 13 Oct 2019 14:05:25 +0100 [thread overview]
Message-ID: <2F8482D6-5E21-493B-8ED3-6D69C59C75B7@ipfire.org> (raw)
In-Reply-To: <59daa934-17fd-86fd-6533-dd0008ea4ca5@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 1366 bytes --]
Hi,
Thank your for raising this.
This was caused by haproxy which could not be reloaded because I played around with the IPv6 configuration of our main firewall in Hannover. Therefore the updated OCSP responses were not delivered.
It is fixed now and you should change your setting back.
Best,
-Michael
> On 13 Oct 2019, at 00:25, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
>
> Hi,
>
> today, suddenly patchwork.ipfire.org stopped working. Reloading the page
> several times doesn't help. Firefox 69.0.3 keeps telling me:
>
> ***SNIP***
> Secure Connection Failed
>
> An error occurred during a connection to patchwork.ipfire.org. A
> required TLS feature is missing. Error code:
> MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING
>
> The page you are trying to view cannot be shown because the
> authenticity of the received data could not be verified.
> Please contact the website owners to inform them of this problem.
> ***SNAP***
>
> Setting "security.ssl.enable_ocsp_must_staple" in about:config to
> "false" temporarily fixes this, but could it be that there is a problem
> with the "Let's Encrypt" certificate!?
>
> Can anyone confirm?
>
> Best,
> Matthias
>
> P.S.: Possible solution (german!)
> =>
> https://www.kuketz-blog.de/nginx-aktivierung-von-ocsp-must-staple-ohne-timeout/
next prev parent reply other threads:[~2019-10-13 13:05 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-12 23:25 Matthias Fischer
2019-10-13 9:31 ` patchwork.ipfire.org does not supply OCSP information (was: Re: patchwork.ipfire.org => Error: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING) peter.mueller
2019-10-13 11:17 ` patchwork.ipfire.org does not supply OCSP information Matthias Fischer
2019-10-13 16:01 ` Michael Tremer
2019-10-13 16:20 ` Matthias Fischer
2019-10-13 13:05 ` Michael Tremer [this message]
2019-10-13 15:58 ` patchwork.ipfire.org => Error: MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING Matthias Fischer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2F8482D6-5E21-493B-8ED3-6D69C59C75B7@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox