Closed
Bug 1149521
Opened 9 years ago
Closed 8 years ago
Get "ssl_error_rx_malformed_server_hello" since newest nightly Version
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: lussnig, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0 Build ID: 20150330114816 Steps to reproduce: I try to access "https://suche.org/" this worked yesterday. And also "https://dev.ssllabs.com/ssltest/analyze.html?d=suche.org" reports no error. Actual results: Today i receive the error in the GUI: "Error code: ssl_error_rx_malformed_server_hello" SSL-Report that was generated: {"hostname":"suche.org","port":"","timestamp":1427810106,"errorCode":-12259,"failedCertChain":[],"userAgent":"Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0","version":1,"build":"20150330114816","product":"Firefox","channel":"nightly"}
Found that the cause is NPN Extension in the ServerHello. It is correctly send. So this is an BUG.
Comment 2•9 years ago
|
||
Are you behind a proxy of some sort? when I access that site with 40 it tries to get me to supply a client cert (I hit cancel) and then it loads fine.
Component: Networking → Security: PSM
Hi, i aktivated now the NPN extension. So you can check the error. Since it worked before and Wireshark, Opera, IE and SslLabs tell it is ok. I think this is an bug in Firefox and should be fixed. It is happens with direct internet connection as well with and firewall/proxy. Please tell me when you checked it so i can go back to work without NPN until the problem is fixed.
Hi, i will switch NPN default of as long as Firefox nightly is broken. But with two special url's you can switch if on off. It works after the next SSL Handshake. https://suche.org/page/enableNPN https://suche.org/page/disableNPN
To activate the changed setting restart firefox so that the ssl session is cleared.
Comment 6•9 years ago
|
||
https://suche.org/ and https://suche.org/page/enableNPN worked but https://suche.org/page/disableNPN did not.
Comment 7•9 years ago
|
||
All URLs no longer work with the latest Nightly.
Hi, this is the problem if you enableNPN (because of firefox nightly it is disabled). The next HTTPS Session fail. You can disable it with another browser (firefox stable for example). All other browsers have no problem with the extension. The enable/disable URL works on source ip.
Is this still an issue?
Flags: needinfo?(lussnig)
Reporter | ||
Comment 10•8 years ago
|
||
Since NPN is considered as deprecated i switched if permanently off. So for me it is no longer an issue.
Ok - thanks.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Flags: needinfo?(lussnig)
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•