Presumably, there is some kind of way I can work around it, I saw something about clearing the cache because of stored failures of handshaking, but it seems like on the whole maybe it is time to start fuckin’ with Peertube or something instead.

  • kyub@discuss.tchncs.de · 9 upvotes · 2 days ago (edited)

    Doesn’t have to mean much at all: https://librewolf.net/docs/faq/#im-getting-sec_error_ocsp_server_error-what-can-i-do

    Since I also get these from time to time with similar setups, I usually just switch browsers temporarily (after some time it will probably work again). Since my setup uses 3 browsers regularly, it’s no big deal for me. It also rarely occurs so it’s only very mildly annoying. As usual, with a more secure setup you will automatically get a couple of usability issues as well. Can’t change that, it’s like a law of physics. If it annoys you too much, you have to disable this security feature in the browser settings.

    • ignirtoq@fedia.io · 6 upvotes · 2 days ago

      We enable OCSP in hard-fail mode, meaning that if the revocation status of a certificate cannot be verified because the CA cannot be reached, then it will be treated as broken.

      The fact that not every application that uses TLS certificates does this blows my mind. Certificate revocation should be a valid tool to deal with the compromise of cryptographic credentials, but if applications don’t check, then they’re opening themselves (and their users) up to a security vulnerability.
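As an added example of what the hard-fail policy described above means in practice (this is not code from the thread or from LibreWolf), the script below does for one site what a hard-fail browser does: fetch the chain, ask the certificate's OCSP responder, and then decide. It assumes the `openssl` CLI is installed and that the host is given on the command line; `ocsp_verdict` and `classify_ocsp_output` are hypothetical helper names chosen here, and `-noverify` is used only so the diagnostic still prints the responder's answer when the responder's signing chain is not in the local trust store (a browser would verify that chain).

```shell
#!/bin/sh
# Added example: emulate a browser's OCSP decision for one host with openssl,
# so a revoked certificate can be told apart from a responder that is merely
# unreachable (the SEC_ERROR_OCSP_SERVER_ERROR case from the thread).

# Map an OCSP outcome to a verdict under a given policy.
#   mode:    hard | soft
#   outcome: good | revoked | unknown | unreachable
ocsp_verdict() {
    mode="$1"; outcome="$2"
    case "$outcome" in
        good)    echo accept ;;
        revoked) echo reject ;;
        unknown|unreachable)
            # Hard-fail treats "could not verify" as broken; soft-fail lets it through,
            # which is exactly the gap a blocked responder would exploit.
            if [ "$mode" = hard ]; then echo reject; else echo accept; fi ;;
        *)       echo reject ;;
    esac
}

# Classify the text that `openssl ocsp` prints (read from stdin) into one outcome.
# openssl prints "<cert file>: good|revoked|unknown"; anything else (connect
# errors, timeouts) is treated as the responder being unreachable.
classify_ocsp_output() {
    out="$(cat)"
    case "$out" in
        *": good"*)    echo good ;;
        *": revoked"*) echo revoked ;;
        *": unknown"*) echo unknown ;;
        *)             echo unreachable ;;
    esac
}

# Live check of one host (needs network): host [hard|soft], default hard.
check_host() {
    host="$1"; mode="${2:-hard}"
    tmp="$(mktemp -d)"
    # Split the served chain into cert1.pem (leaf), cert2.pem (issuer), ...
    openssl s_client -connect "$host:443" -servername "$host" -showcerts </dev/null 2>/dev/null \
        | awk -v dir="$tmp" '/BEGIN CERT/{n++} {print > (dir "/cert" n ".pem")}'
    leaf="$tmp/cert1.pem"; issuer="$tmp/cert2.pem"
    uri="$(openssl x509 -in "$leaf" -noout -ocsp_uri)"
    outcome="$(openssl ocsp -issuer "$issuer" -cert "$leaf" -url "$uri" -noverify -timeout 5 2>&1 \
        | classify_ocsp_output)"
    echo "$host: responder=$uri outcome=$outcome verdict=$(ocsp_verdict "$mode" "$outcome")"
    rm -rf "$tmp"
}

# Only touch the network when a host is actually given.
if [ "$#" -gt 0 ]; then check_host "$@"; fi
```

Run it as `sh ocsp-check.sh example.org hard` and then again with `soft`; the `outcome` line is the same both times and only the verdict changes, which is the whole difference between the two modes. In Firefox-based browsers that difference is the `security.OCSP.require` preference (hard-fail when true), which is the setting the FAQ linked above talks about turning off.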

      • PhilipTheBucket@quokk.au (OP) · 2 upvotes · 2 days ago

        Honestly, the chain of trust model for TLS certificates is just broken from top to bottom in practice. It’s sort of along the lines of “anyone could walk past the building / into the apartment building basement and start flipping switches or fucking things up with the HVAC system” / “paper checks can be forged by anyone who cares” type of thing: It’s mostly just that no one cares enough to exploit the problems with it. But yeah, for anyone who takes seriously things like CA root certificates staying secure and is bothered when they’re not, they basically spend their entire time that is thinking about it being bothered by it, because right now it’s all broken.

    • PhilipTheBucket@quokk.au (OP) · 2 upvotes · 2 days ago

      Hm, yeah, it works again now. Coming as it does after I got some kind of warning on a Google service a couple of days ago, Hey warning! Your browser is unsupported, please switch to Chrome! (and then a hidden button that took some digging, to bypass the warning and just let me use the site), I assumed some kind of fuckery.

      I still do, actually, I think probably even if solved this is the cue to look into doing something else…