ssl_error_bad_mac_read - Firefox 35 onwards have "Secure Connection Failed An error occurred during a connection to secure5.arcot.com" while online payment transactions

RESOLVED WORKSFORME

Status

Tech Evangelism
Desktop
RESOLVED WORKSFORME
3 years ago
7 months ago

People

(Reporter: Shailender, Unassigned)

Tracking

({site-compat})

Firefox 38
site-compat

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [contactready])

Attachments

(1 attachment)

(Reporter)

Description

3 years ago
Created attachment 8609204 [details]
firefox-38-bug.jpg

User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150513174244

Steps to reproduce:

I tried to pay my dth bill via rechargeitnow.com website.
They use https://secure.payu.in/ pament gateway.
After submitting my card details it shows following error:-
"Secure Connection Failed"
An error occurred during a connection to secure5.arcot.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read)
    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

This problem starts with firefox ver.35 and onwards.
While I can successfully do payment transactions on same above mentioned website in other browsers and firefox ver 34 also.


Actual results:

After submitting my card details it shows following error:-
"Secure Connection Failed"
An error occurred during a connection to secure5.arcot.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read)
    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.


Expected results:

The transaction should finished successfully.
(Reporter)

Updated

3 years ago
Severity: normal → critical
OS: Unspecified → Windows 8.1
Hardware: Unspecified → x86_64
Summary: Firefox 35 onwards have secure server error bug secure5.arcot.com never opens while online payment transactions → Firefox 35 onwards have "Secure Connection Failed An error occurred during a connection to secure5.arcot.com" while online payment transactions

Comment 1

3 years ago
https://www.ssllabs.com/ssltest/analyze.html?d=secure5.arcot.com
https://www.ssllabs.com/ssltest/analyze.html?d=secure.payu.in
https://www.ssllabs.com/ssltest/analyze.html?d=rechargeitnow.com
Severity: critical → normal
Component: Untriaged → Desktop
Keywords: site-compat
OS: Windows 8.1 → All
Product: Firefox → Tech Evangelism
Hardware: x86_64 → All
Summary: Firefox 35 onwards have "Secure Connection Failed An error occurred during a connection to secure5.arcot.com" while online payment transactions → ssl_error_bad_mac_read - Firefox 35 onwards have "Secure Connection Failed An error occurred during a connection to secure5.arcot.com" while online payment transactions
Version: 38 Branch → Firefox 38

Comment 2

2 years ago
Rechargeit as a certificate name mismatch 
https://www.ssllabs.com/ssltest/analyze.html?d=rechargeitnow.com
wwwz.rechargeitnow.com   MISMATCH



secure payu has a F rating.
https://www.ssllabs.com/ssltest/analyze.html?d=secure.payu.in

arcot has a B rating.
https://www.ssllabs.com/ssltest/analyze.html?d=secure5.arcot.com


The contact page is http://www.rechargeitnow.com/contactus.jspx


I will switch to contactready
If you contact them, please switch to sitewait.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [contactready]
I'm unsure if this issue still exists. I'm seeing a 404 on https://secure.payu.in/.

Also the domains "payu" and "arcot" now have A- ratings on SSL Labs. rechargeitnow still has the mismatch though.

Comment 4

7 months ago
I can confirm that the TLS configuration has been improved. The mismatch is also fixed for me, so let's close this.
Status: NEW → RESOLVED
Last Resolved: 7 months ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.