Closed Bug 1256041 Opened 9 years ago Closed 9 years ago

SSL handshake with impi modules does no longer work - double used SERIAL Number

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Version:
45 Branch
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 435013

People

(Reporter: support, Unassigned)

References

(
URL
)

Details

User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Build ID: 20160304160021 Steps to reproduce: I needed to connect to a supermicro ipmi module. The connection got denied with an SSL handshake error regarding a multiplytimes used Serial number. In 9 out of 10 cases, the user would not even know what you wanne tell him. I had to revert to Chrome, to connect to a very important xen serversystem. Actual results: no connection was made, no manual override was offered. Expected results: a manual "ignore this" button.
URL: impi https interfaces
Severity: normal → critical
OS: Unspecified → Linux
Hardware: Unspecified → x86_64
Component: Untriaged → Security: PSM
Product: Firefox → Core
Did it use to work with FF44 or 43? If yes, could you use the tool mozregression to find a regression range, please. http://mozilla.github.io/mozregression/
Flags: needinfo?(support)
Unless this works with an earlier version of Firefox, this is the same as bug 435013. Unfortunately, it's due to a fundamental design issue of NSS and can't be easily fixed. A workaround would be to use a new Firefox profile (and/or fix the supermicro ipmi so it doesn't re-use issuer/serial number pairs).
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
Flags: needinfo?(support)
You need to log in before you can comment on or make changes to this bug.