Bug 214146

Summary: firefox cannot connect to some https sites from behind firewall
Product: [Fedora] Fedora Reporter: Tomasz Kepczynski <tomek>
Component: firefoxAssignee: Christopher Aillon <caillon>
Status: CLOSED INSUFFICIENT_DATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: mcepl, mcepl, wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-15 14:40:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tomasz Kepczynski 2006-11-06 08:07:36 UTC 
Description of problem:
I cannot access the following sites when OCSP is turned on for
certificate validation:
https://login.vwbankdirect.pl
https://www.r-bank.pl
Firefox reports error -5990 and says it cannot start encrypted connection.
As far as I know mozilla didn't have this problem.
Now the really important part seems to be firewall and proxy. I have the
following automatic proxy config:
function FindProxyForURL(url, host)
{
  return("PROXY proxy.xxx.xxx.com:911");
}
but browser seems to go directly and obviously fails (I can see
SYN_SENT line in netstat -t going outside the firewall to
12.166.243.30:http for both of the above sites).
I can access both of the sites from another machine where both
sites are available directly.
As a workaround I can disable OCSP.

Version-Release number of selected component (if applicable):
firefox-1.5.0.7-8.fc6.i386

How reproducible:
Always

Actual results:
Firefox does not connect to a site.

Expected results:
Firefox connects to a site.

Additional info:
See also bug 192977. This bug is not fixed by the update as
described there, it is only masked by default setting (OCSP
is off by default).
Comment 1 Matěj Cepl 2007-12-10 09:25:17 UTC 
Fedora Core 6 is no longer supported, could you please reproduce this with the
updated version of the currently supported distribution (Fedora 7, 8, or
Rawhide)? If this issue turns out to still be reproducible, please let us know
in this bug report. If after a month's time we have not heard back from you, we
will have to close this bug as CANTFIX.

Setting status to NEEDINFO, and awaiting information from the reporter.

[This is mass-filed message to all open Fedora Core 6 bugs related to Xorg or
Gecko. If you see any other reason, why this bug shouldn't be closed, please,
comment on it here.]
Comment 2 Tomasz Kepczynski 2007-12-10 11:51:15 UTC 
As of Fedora 8 and firefox-2.0.0.10-2.fc8.x86_64 this bug seems
to be fixed.
Comment 3 Matěj Cepl 2008-01-15 14:40:39 UTC 
Since there are insufficient details provided in this report for us to
investigate the issue further, and we have not received feedback to the
information we have requested above, we will assume the problem was not
reproducible, or has been fixed in one of the updates we have released for the
reporter's distribution.

Users who have experienced this problem are encouraged to upgrade to the latest
update of their distribution, and if this issue turns out to still be
reproducible in the latest update, please reopen this bug with additional
information.

Closing as INSUFFICIENT_DATA.

{This is mass-closing of all obsolete bugs; if this bug was in your opinion
closed by mistake, please, reopen it with additional information; thanks a lot
and I am sorry for bothering you in such case.}