Secure Connection Failed error occurs when accessing PIV card certificate after waking macbook from sleep
Categories
(Core :: Security: PSM, defect)
Tracking
()
People
(Reporter: jpavanaryan, Unassigned)
Details
Attachments
(2 files)
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Firefox/94.0
Steps to reproduce:
- Go to https://iam.nih.gov or any other website which accepts PIV certificae
- Login using PIV card, works fine
- Then do some work, lock your screen and unlock the macbook
- Try to login to the website again. You would see the error "Secure Connection Failed". See attachment for details
Actual results:
The website failed to load and shows the below error.
Secure Connection Failed
An error occurred during a connection to pivauth.nih.gov. A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred.
Error code: SEC_ERROR_PKCS11_GENERAL_ERROR
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem
Expected results:
Firefox should show the popup to pickup certificates and let me proceed to the website.
I did create another bug report in the past regarding this "https://bugzilla.mozilla.org/show_bug.cgi?id=1681442". That one addressed the problem of not picking certificate at all(even the first time) with flag security.osclientcerts.autoload=true
. I do have the flag enabled, but I still see the issue
Comment 1•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::Security: PSM' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.
Reporter | ||
Comment 2•3 years ago
|
||
Did anyone got a chance to looking at this bug? Please let me know
Comment 3•3 years ago
|
||
The severity field is not set for this bug.
:keeler, could you have a look please?
For more information, please visit auto_nag documentation.
Comment 4•3 years ago
|
||
What output do you get if you run Firefox with the environment variable RUST_LOG
set to osclientcerts_static=debug
?
Reporter | ||
Comment 5•3 years ago
|
||
Whats the process to set environment variables? I set it as shown in image
Reporter | ||
Comment 6•3 years ago
|
||
Comment 7•3 years ago
|
||
You have to use the macOS terminal similarly to what's described here: https://books.google.com/books?id=0_DeDgAAQBAJ&lpg=PA105&ots=CFfMTNrucF&dq=macos%20firefox%20set%20environment%20variable&pg=PA105#v=onepage&q=macos%20firefox%20set%20environment%20variable&f=false
Reporter | ||
Comment 8•3 years ago
|
||
It seems I no longer have the issue since 94.0.2. Closing the issue for now, will open it back if get it again
Comment 9•3 years ago
|
||
Great - thanks!
Description
•