I'm currently running Firefox 3 beta 2 on Ubuntu Linux and I've hit a problem fairly regularly that looks like a Firefox bug but might be a Zimbra issue. If it happens often, it could cause serious problems for Zimbra users in future.
When connecting to Zimbra I sometimes get the error sec_error_reused_issuer_and_serial, which is meant to signify that the server has presented a certificate with the same issuer and serial number to another cert. In this case, Firefox 3 will not allow access to the site: no exceptions, access is simply blocked.
It's possible that this is a Zimbra bug. On the Zimbra server in question I followed the standard procedure to create a local certificate which looks fine and other users haven't reported any problems (new cert. created nearly three months ago so there's been time). So it seems to me unlikely to be a Zimbra bug, but possible.
I'm concerned because the behaviour of Firefox is not consistent:
- Rebooting the PC or stopping/starting Firefox is sometimes enough to get me on.
- The error can still occur when I've deleted every certificate from Firefox, so I don't know what Firefox is comparing the certificate to.
If anyone else has come across this bug, you might like to go to https://bugzilla.mozilla.org/show_bug.cgi?id=410622 and add your comment/vote as right now the Firefox developers are taking the view that it's working as designed.