TL;DR: Server admins, disable OCSP stapling in the server software. End-users, disable OCSP stapling in your browser. The full explanation goes like this:
RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP Section 2.3. Exception Cases said:
In case of errors, the OCSP responder may return an error message. These messages are not signed. Errors can be of the following types:
- malformedRequest
- internalError
- tryLater
OCSP Error Code 3: Try Again Later. The most annoying OCSP error to ever exist.
Some background information: The OCSP protocol is used to check whether or not a certificate has been revoked. This is done in real time - whenever your browser makes a secure connection to a website, it also connects to an OCSP responder server to check the current validity of a certificate. The OCSP server then returns a response (the certificate is/is not valid) or an error code (something went wrong).
These servers are run by the Certificate Authority that issued the certificate. As you can imagine, they get a
lot of requests. OCSP servers are notoriously unreliable - they go down all the time just due to the sheer load they have to deal with. tryLater, or "sec_error_ocsp_try_server_later" means that the OCSP server is overloaded and can't be contacted at the moment. This is such a common problem that browsers will ususally just ignore this error.
"OCSP Stapling" was designed to fix this problem. Instead of
every user asking the OCSP server if a certificate is valid,
the website contacts the OCSP server. Then, it stores the OCSP response in a cache, and presents the (digitally signed) cached response to every client that tries to connect to the website. The OCSP response is "stapled" to the SSL certificate that QQ presents. This reduces the load on the OCSP server massively.
Unfortunately, QQ is not stapling an OCSP
response (your certificate is valid/invalid). Instead, QQ is stapling an OCSP
error code (try again later). So when QQ asks the OCSP server "Hey, has my certificate been revoked?", the OCSP server's response is "Gah! I'm way too busy right now, ask me again later!" QQ then says "Hmm, okay." and stores that "try again later" error code in its cache. QQ then naively presents the error code to the user as though it were a valid OCSP response. This, naturally, trips up the user's browser and causes an error to appear.
This seems like a bug - either the QQ server shouldn't store and staple an error code, or browsers should ignore the error code if it's stapled to a certificate. Browsers already ignore the "try again later" error code if it's received from the OCSP server directly.
End-user workaround: In Firefox, go to
about:config, and temporarily set
security.ssl.enable_ocsp_stapling to
false. I don't know how to do something similar in other browsers.
Caveat: I
think this is how it works, but I may not fully understand the protocol or the situation. I am not a systems/networking engineer. Or any kind of engineer, for that matter.
References:
https://tools.ietf.org/html/rfc6960#section-2.3
https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
https://en.wikipedia.org/wiki/OCSP_Stapling
