Closed Bug 156580 Opened 22 years ago Closed 22 years ago

Error Establishing an Encrypted connection

Categories

(Core Graveyard :: Security: UI, defect, P3)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
x86
Linux
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 111384
Milestone:
psm2.4

People

(Reporter: stewart, Assigned: ssaux)

References

(
URL
)

Details

When trying to log into the roxio store, (behind a squid proxy server, running
on RedHat Linux 7.2) from either Mozilla (1.0, 1.1a on Linux) or IE (on W2K) we
get a "Error establishing an encrypted connection to www.portablestore.com.
Error Code: -5933." dialog appearing.

(From memory), this also has happenned with a few other sites using ssl. I'll
attempt to find some and ammend the bug. But this is a real showstopper.

The funny thing is, it works with Netscape 4.77 (through the proxy).

The squid package is: squid-2.4.STABLE6-6.7.3
Also seems to be happenning when trying to visit:

http://www.redhat.com/apps/redirect.apm/apps/support/?rhpage=/index.html/horizontal_nav**
Seems to be working in the nightly build.
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Found it happenning in the Current (yesterday's build) on https://olb.westpac.com.au
Status: RESOLVED → UNCONFIRMED
Resolution: FIXED → ---
I've also filed a squid bug related to this one (i.e. it's the same problem, but
it seems as though it *might* be more squid related than mozilla). The bug
number is 379.

http://www.squid-cache.org/bugs/show_bug.cgi?id=379
Using build 2002053012, behind a firewall using a squid cache (RH7.0), this 
happens to our install of just the browser and the security stuff, but works 
fine for the install of everything.  What are others setups?  Both these 
machines are behind the same firewall and squid so it seems that Mozillia might 
still be at least part of the problem.


Still happenning on complete install of nightly build 20020730 on Debian Woody 686.
I confirm the problem on Windows 2000 with Moz 1.1 Mozilla/5.0 (Windows; U;
Windows NT 5.0; en-US; rv:1.1) Gecko/20020826.

Behind the firewall of HP (no idea which software), trying to reach some
online banking sites, I get the same error message (but with -5985). Just to not
give away my banking companies, I tried at banking.wellsfargo.com and it didn't
work. Nevertheles I can log on my provider's site (who has Apache installed).
With the same setup and IE5.5 I do come through.

So perhaps something to do with the encryption mechanism used!?

Hope this helped.
Hello again,

I did some more testing and my problems were due to OCSP validation being on for
certificate presenting a such field. I don't know if the field present in the
certificates was wrong or if the validation couldn't be done because of the
firewall but without the validation, the problem is gone. So fine for me.

Thanks, Eric
I received this error ("Error establishing an encrypted connection") 
with error code -5985; turning off OCSP validation made the problem
go away.  I did not investigate whether the cert was presenting an
OCSP URL, nor my ability to connect to such an URL given my current 
browser & network configuration.

Perhaps this is just a matter of needing a more descriptive
error message for code "-5985" - e.g. "unable to validate certificate
<cert> at OCSP URL <OCSP URL>" or some such thing.

Confirmed: turning off OCSP validation eliminates the error.
Site: http://www.jasc.com/catalog.asp?
Using:
Mozilla 1.1
Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:1.1) Gecko/20020826
Seconding:  the suggestion for more descriptive error messages.
Yep fixed it for me also.  Not sure how it got turned on in one browser install
and not the other when I don't think I did anything different, but this fixed
it.  I'll third the error message change - it's taken a large amount of time
trying to find the solution to this one. 

I'll post this possible fix to the squid bug that's mentioned in comment #4 also.
Changing the setting also makes things work for me now. Although, there should
be a more precise definition of the error, and the option to continue through.
Also, it shouldn't really take that long before the error message appears.
This bug is not related to the mozilla cache.  Changing component.
Assignee: gordon → new-network-bugs
Component: Networking: Cache → Networking
QA Contact: tever → benc
Duplicate
Assignee: new-network-bugs → ssaux
Status: UNCONFIRMED → NEW
Component: Networking → Client Library
Ever confirmed: true
Product: Browser → PSM
QA Contact: benc → junruh
Version: other → 2.4

*** This bug has been marked as a duplicate of 111384 ***
Status: NEW → RESOLVED
Closed: 22 years ago22 years ago
Resolution: --- → DUPLICATE
verified dupe.
Status: RESOLVED → VERIFIED
Priority: -- → P3
Target Milestone: --- → 2.4
Product: PSM → Core
Version: psm2.4 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.