Bug 1020424
Summary: | Cannot add exception for expired cert | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Mike McLean <mikem> |
Component: | firefox | Assignee: | Martin Stransky <stransky> |
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 20 | CC: | chemobejk, gecko-bugs-nobody, kengert, mikem, randomrnd, stransky |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-01-07 16:59:59 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mike McLean
2013-10-17 16:02:33 UTC
Can you post the server name here? I saw it when the server does not have reverse DNS entry (IP to domain translation). In my case, tech details says: ************ uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is only valid for ************ (Error code: sec_error_cert_signature_algorithm_disabled) then, in about:config, when i set security.enable_md5_signatures;false to true, it says: (Error code: sec_error_ca_cert_invalid) finally, when i add an exception, firefox displays: The connection was reset Downgrading firefox and xulrunner to version 21 (?), solves the problem. firefox-25.0-3.fc19.x86_64 xulrunner-25.0-2.fc19.x86_64 Ok, here is a workaround that works for me: Starting Firefox in terminal with NSS_SSL_CBC_RANDOM_IV=0, solves the problem. "NSS_SSL_CBC_RANDOM_IV=0 firefox" Please see here: https://bugzilla.redhat.com/show_bug.cgi?id=890931 Or google -> NSS_SSL_CBC_RANDOM_IV=0 Kay, Any idea about this one? Thanks! Martyn, I'll look into it. I believe this is a duplicate of bug 770682. If you can demonstrate a current site to reproduce this issue, please add a comment with a link to the site, reopen the bug, and I'll look into it right away. Thanks *** This bug has been marked as a duplicate of bug 770682 *** (In reply to Kai Engert (:kaie) from comment #7) > I believe this is a duplicate of bug 770682. This bug is about firefox, that bug is about a similar problem with SIPE. I'll remove the duplicate assignment. Stefan, both software used the same underlying NSS crypto library that implements the functionality (certificate validation) that you were using. The quoted environment variable isn't a property of Firefox, it's a property of that library. |