MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING

You get the following error message in Mozilla Firefox:

MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING

Cause

According to Mozilla, this is a rare problem caused by OCSP stapling not being configured correctly in the SSL/TLS handshake.

If you use HSTS in combination with OCSP-must-staple, you're effectively enforcing "HSTS for OCSP stapling". If you then, for example, do a fresh installation and the certificates are renewed (without the OCSP server being up to date), you have a problem.

This is because Firefox gets the HSTS updates from Google and that can take some time.
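To confirm this cause on a given server, compare what the certificate demands with what the handshake delivers. The script below is an added example, not part of the original article: the function names and sample texts are constructed for illustration, and it assumes the output format of a current `openssl` command-line tool.

```shell
# Added example: classify a server from two pieces of OpenSSL text output.
#   $1 = output of `openssl x509 -noout -text` for the leaf certificate
#   $2 = output of `openssl s_client -status` for the handshake
# Prints one verdict; returns 1 only for the combination Firefox rejects.
must_staple_verdict() {
  ms_cert=$1; ms_hs=$2; ms_required=no; ms_stapled=no

  # Current OpenSSL releases print the must-staple extension as a
  # "TLS Feature:" line followed by a line containing "status_request".
  if printf '%s\n' "$ms_cert" | sed -n '/TLS Feature:/{n;p;}' |
     grep -q 'status_request'; then
    ms_required=yes
  fi

  # With -status, s_client prints "OCSP response: no response sent" when
  # nothing was stapled, or a decoded response with a status line.
  if printf '%s\n' "$ms_hs" | grep -q 'OCSP Response Status: successful'; then
    ms_stapled=yes
  fi

  if [ "$ms_required" = yes ] && [ "$ms_stapled" = no ]; then
    echo "FAIL_MUST_STAPLE_WITHOUT_STAPLE"; return 1
  elif [ "$ms_required" = yes ]; then
    echo "OK_MUST_STAPLE_WITH_STAPLE"
  else
    echo "OK_NO_MUST_STAPLE"
  fi
}

# Live check (needs network access and the openssl CLI); not run by default.
check_host() {
  ch_hs=$(openssl s_client -connect "$1:${2:-443}" -servername "$1" \
            -status </dev/null 2>/dev/null)
  ch_cert=$(printf '%s\n' "$ch_hs" | openssl x509 -noout -text)
  must_staple_verdict "$ch_cert" "$ch_hs"
}

# Constructed sample output (not captured from a real server).
SAMPLE_CERT_MUST_STAPLE='        X509v3 extensions:
            TLS Feature:
                status_request'
SAMPLE_CERT_PLAIN='        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature'
SAMPLE_HS_NO_STAPLE='OCSP response: no response sent'
SAMPLE_HS_STAPLED='OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)'
```

Run `check_host` with your own host name after each certificate renewal or web server change; a `FAIL_MUST_STAPLE_WITHOUT_STAPLE` verdict is the condition behind the Firefox error.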

Solution

The solution is to:

  1. Not use OCSP-MUST-STAPLE and/or STAPLE-OCSP.
  2. Or only enable this after Google has passed the HSTS information to Mozilla.

Just waiting 3 months also works, but it usually goes faster. 😉

Good luck!
