Hi, fecund wrote: > Using Mozilla 1.2 alpha, and having trouble accessing many sites when > OCSP validation is turned on. The typical error is: > " Error trying to validate certificate from secure3.ingdirect.com > using OCSP - response contains a date which is in the future. " > > What I'd like to see in the above error: > the site it used to validte said certificate > the invalid date > eg: " Error trying to validate certificate from secure3.ingdirect.com > via www.verisign.com using OCSP - response contains a date > '99/99/9999' which is in the future. " > > Anyway, I ask the bank and they say that one of my root CAs has > expired or that my clock is wrong. My clock is correct, so I set about > trying to debug my certificates.
OCSP works fine with https:/secure3.ingdirect.com here, in Mozilla 1.2 alpha. So I think it is indeed your clock. Check your timezone, that is almost always the problem.