Results 1 to 6 of 6

Thread: Possible Firefox 3 bug may cause Zimbra problems

  1. #1
    iain is offline Loyal Member
    Join Date
    Feb 2006
    Location
    Manchester, UK
    Posts
    88
    Rep Power
    9

    Default Possible Firefox 3 bug may cause Zimbra problems

    I'm currently running Firefox 3 beta 2 on Ubuntu Linux and I've hit a problem fairly regularly that looks like a Firefox bug but might be a Zimbra issue. If it happens often, it could cause serious problems for Zimbra users in future.

    When connecting to Zimbra I sometimes get the error sec_error_reused_issuer_and_serial, which is meant to signify that the server has presented a certificate with the same issuer and serial number to another cert. In this case, Firefox 3 will not allow access to the site: no exceptions, access is simply blocked.

    It's possible that this is a Zimbra bug. On the Zimbra server in question I followed the standard procedure to create a local certificate which looks fine and other users haven't reported any problems (new cert. created nearly three months ago so there's been time). So it seems to me unlikely to be a Zimbra bug, but possible.

    I'm concerned because the behaviour of Firefox is not consistent:
    - Rebooting the PC or stopping/starting Firefox is sometimes enough to get me on.
    - The error can still occur when I've deleted every certificate from Firefox, so I don't know what Firefox is comparing the certificate to.

    If anyone else has come across this bug, you might like to go to https://bugzilla.mozilla.org/show_bug.cgi?id=410622 and add your comment/vote as right now the Firefox developers are taking the view that it's working as designed.

  2. #2
    iain is offline Loyal Member
    Join Date
    Feb 2006
    Location
    Manchester, UK
    Posts
    88
    Rep Power
    9

    Default

    I'm still seeing this issue intermittently on Firefox 2 and Firefox 3, but it sounds like no-one else is (or you're keeping very quiet about it :-) ). I guess that's a good sign, but it would be useful for me to know whether this is a general problem or something only I'm seeing.

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,495
    Rep Power
    56

    Default

    I haven't seen that issue but I'd suggest filing an entry in buzilla so we can take a look at it.

    BTW, you mentioned in your first post that it happens even if you delete all the certificates in FF, if that's the case how can the FF developers conclude it's working as designed?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,495
    Rep Power
    56

    Default

    Quote Originally Posted by iain View Post
    When connecting to Zimbra I sometimes get the error sec_error_reused_issuer_and_serial, which is meant to signify that the server has presented a certificate with the same issuer and serial number to another cert. In this case, Firefox 3 will not allow access to the site: no exceptions, access is simply blocked.
    Just some further info for you. I tried connecting to your url and I get the same message with FF3 but it does allow me to add an exception. Are you using OSCP to verify certificates? I usually find that doesn't work too well and turn it off.

    [edit]Sorry, that should have been: I see the (Error code: sec_error_ca_cert_invalid) error.
    Last edited by phoenix; 02-08-2008 at 08:40 AM.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    iain is offline Loyal Member
    Join Date
    Feb 2006
    Location
    Manchester, UK
    Posts
    88
    Rep Power
    9

    Default

    Thanks for the comments. This morning it allows me to add an exception. On Friday, with no change in certificate at all, it refuses me entry altogether.

    Unfortunately, with a bug that's both rare and intermittent, I can imagine the developers could tear their hair out to resolve it but I think it is a Firefox bug. I may also raise it as a Zimbra bug for visibility.

    On the days when it doesn't like me, I'm having to boot up Win XP in a Virtual Machine just to get access to IE7 to access the admin console

  6. #6
    iain is offline Loyal Member
    Join Date
    Feb 2006
    Location
    Manchester, UK
    Posts
    88
    Rep Power
    9

    Default

    Raised as Bug 24696 - Sometimes give error sec_error_reused_issuer_and_serial, preventing login

    Firefox developers seem pretty confident it's an issue at my end (i.e. Zimbra rather than Firefox).

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Clamav problem ? What's happening ?
    By aNt1X in forum Installation
    Replies: 23
    Last Post: 02-14-2008, 05:43 AM
  2. Cleanup after many upgrades
    By tobru in forum Installation
    Replies: 1
    Last Post: 12-23-2007, 09:21 AM
  3. Replies: 5
    Last Post: 12-04-2007, 05:40 PM
  4. svn version still won't start
    By kinaole in forum Developers
    Replies: 0
    Last Post: 10-04-2006, 06:47 AM
  5. Monitoring : Data not yet avalaible
    By s3nz3x in forum Installation
    Replies: 7
    Last Post: 11-30-2005, 07:18 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •