Firefox 102 and HTTPS certificates problem
18 views
Skip to first unread message
Streich Colomeda, Dimas
Sep 8, 2023, 6:33:40 AM9/8/23
to Enterprise Working Group Mailing List (enterprise@mozilla.org)
Hi,
We've installed a certificate in our Apache server and Firefox 102 ESR is not recognizing it, it marks the pages at not secure and the user need to add an exception:
But in my personal Firefox (118 beta) and Edge it detects and validate the certificate and works as secure:
Edge:
I searched for tls settings and I can't see differences between the 102 ESR and the 118.
112:
118:
Any tips?
We've installed a certificate in our Apache server and Firefox 102 ESR is not recognizing it, it marks the pages at not secure and the user need to add an exception:
But in my personal Firefox (118 beta) and Edge it detects and validate the certificate and works as secure:
Edge:
I searched for tls settings and I can't see differences between the 102 ESR and the 118.
112:
118:
Any tips?
--
Dimas Streich Colomeda
Unitat de Tecnologies de la Informació i Comunicació
Departament de Salut | Generalitat de Catalunya
Av.França s/n | 17007 Girona
dstreich....@gencat.cat | http://www.hospitaltrueta.cat
Instagram | Twitter | YouTube | LinkedIn
Aquest missatge s'adreça exclusivament a la persona destinatària i pot contenir informació privilegiada o confidencial. Si no sou la persona destinatària indicada, us recordem que la utilització, divulgació i/o còpia sense autorització està prohibida en virtut de la legislació vigent. Si heu rebut aquest missatge per error, us demanem que ens ho feu saber immediatament per aquesta via i que el destruïu.
Dimas Streich Colomeda
Unitat de Tecnologies de la Informació i Comunicació
Departament de Salut | Generalitat de Catalunya
Av.França s/n | 17007 Girona
dstreich....@gencat.cat | http://www.hospitaltrueta.cat
Instagram | Twitter | YouTube | LinkedIn
Aquest missatge s'adreça exclusivament a la persona destinatària i pot contenir informació privilegiada o confidencial. Si no sou la persona destinatària indicada, us recordem que la utilització, divulgació i/o còpia sense autorització està prohibida en virtut de la legislació vigent. Si heu rebut aquest missatge per error, us demanem que ens ho feu saber immediatament per aquesta via i que el destruïu.
Streich Colomeda, Dimas
Sep 8, 2023, 6:44:53 AM9/8/23
to enter...@mozilla.org
I tried with 115 ESR and the same error:
--
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/20d9877d-dbeb-44ce-8ded-1be86a09ff0c%40gencat.cat.
Joel Baltazor
Sep 8, 2023, 9:54:03 AM9/8/23
to Streich Colomeda, Dimas, enter...@mozilla.org
I don't know why the differences in versions, but If I were
troubleshooting I would try these things first:
1. Does the same thing happen in chromium-based browser ? If yes, that might mean server configuration issue or a trust issue.
2. Where did the certificate come from? Is it self-issued, do you have your own CA, did you get it from somewhere else?
2a. Press "Mostra el certificat"/"View Certificate" and see who the certificate is issued by
2b. Does that CA show in Tools -> Privacy & Security -> Security -> View Certificates -> Authorities
3. Looking at the Apache server, - Are you using Mozilla's recommended settings: https://ssl-config.mozilla.org/ (Apache -> Intermediate). Thinking mostly about SSLProtocol & SSLCipherSuite settings.
1. Does the same thing happen in chromium-based browser ? If yes, that might mean server configuration issue or a trust issue.
2. Where did the certificate come from? Is it self-issued, do you have your own CA, did you get it from somewhere else?
2a. Press "Mostra el certificat"/"View Certificate" and see who the certificate is issued by
2b. Does that CA show in Tools -> Privacy & Security -> Security -> View Certificates -> Authorities
3. Looking at the Apache server, - Are you using Mozilla's recommended settings: https://ssl-config.mozilla.org/ (Apache -> Intermediate). Thinking mostly about SSLProtocol & SSLCipherSuite settings.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/80e0a433-e965-4221-a1bc-48d360f02e49%40gencat.cat.
Mike Kaply
Oct 10, 2023, 10:07:16 AM10/10/23
to Streich Colomeda, Dimas, enter...@mozilla.org
Were you able to try any of Joel's recommendations?
This might be worth opening a Bugzilla bug to get the larger team involved.
Mike
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/80e0a433-e965-4221-a1bc-48d360f02e49%40gencat.cat.
Reply all
Reply to author
Forward
0 new messages