Closed
Bug 1021515
Opened 10 years ago
Closed 9 years ago
Intermittent HTTPS connection aborted on https://www.spottedmouse.com
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: mozilla, Unassigned)
References
()
Details
Attachments
(1 file)
1.22 KB,
application/octet-stream
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 (Beta/Release)
Build ID: 20140506152807
Steps to reproduce:
When visiting my website I get the following error intermittently:
---------------------------------------------------------------------------
An error occurred during a connection to www.spottedmouse.com. SSL peer rejected a handshake message for unacceptable content. (Error code: ssl_error_illegal_parameter_alert)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
---------------------------------------------------------------------------
The server is running apache and uses a self signed certificate. The CA's public certificate has been imported into firefox.
Refreshing the page using CTRL+F5 caused the error to occur more frequently.
It could be related to some timing issue as there seem to be periods when I am not able to reproduce the problem, while at other times it happens every refresh.
Actual results:
Error is presented and site artifacts (JS, CSS, HTML files) are not loaded consistently.
Expected results:
All artifact to load and render the site without an error.
Apache is configured to:
SSLProtocol -ALL +SSLv3 +TLSv1.2 -SSLv2
SSLCipherSuite ECDH+AES256:AES256-SHA:!AECDH
SSLCompression off
SSLHonorCipherOrder On
Using nmap to verify the SSL configuration produced the follwing output.
Host is up (0.000053s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - strong
| compressors:
| NULL
| TLSv1.2:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - strong
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - strong
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - strong
| compressors:
| NULL
|_ least strength: strong
I have encounterd this issue on both Windows 8.1 and Ubuntu 14.04 running version 29. I found some similar reports suggesting a problem with anti-virus such as Kaspersky. On the Windows 8.1 system I have been using only Microsoft Essentials was installed in default configuration. No additional anti-virus software was installed on this test system.
Updated•10 years ago
|
Component: Security → Security: PSM
Comment 3•10 years ago
|
||
(In reply to mozilla from comment #2)
> I have encounterd this issue on both Windows 8.1 and Ubuntu 14.04 running
> version 29. I found some similar reports suggesting a problem with
> anti-virus such as Kaspersky. On the Windows 8.1 system I have been using
> only Microsoft Essentials was installed in default configuration. No
> additional anti-virus software was installed on this test system.
Can you post your CA cert here? Is it still an issue starting on mozilla 31 (now in beta)?
Using 31BETA I haven't been able to reproduce the problem so far.
Comment 6•9 years ago
|
||
Thanks for filing the bug. I haven't been able to reproduce the issue on a recent Firefox build, and it looks like you weren't able to either in Comment 5, so I'm resolving this as WORKSFORME.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → WORKSFORME
Summary: Intermittent HTTPS connection aborted → Intermittent HTTPS connection aborted on https://www.spottedmouse.com
You need to log in
before you can comment on or make changes to this bug.
Description
•