Closed Bug 1739039 Opened 3 years ago Closed 3 years ago

Secure Connection Failed error occurs when accessing PIV card certificate after waking macbook from sleep

Categories

(Core :: Security: PSM, defect)

Firefox 94
defect

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: jpavanaryan, Unassigned)

Details

Attachments

(2 files)

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Firefox/94.0

Steps to reproduce:

  1. Go to https://iam.nih.gov or any other website which accepts PIV certificae
  2. Login using PIV card, works fine
  3. Then do some work, lock your screen and unlock the macbook
  4. Try to login to the website again. You would see the error "Secure Connection Failed". See attachment for details

Actual results:

The website failed to load and shows the below error.

Secure Connection Failed

An error occurred during a connection to pivauth.nih.gov. A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred.

Error code: SEC_ERROR_PKCS11_GENERAL_ERROR

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem

Expected results:

Firefox should show the popup to pickup certificates and let me proceed to the website.

I did create another bug report in the past regarding this "https://bugzilla.mozilla.org/show_bug.cgi?id=1681442". That one addressed the problem of not picking certificate at all(even the first time) with flag security.osclientcerts.autoload=true. I do have the flag enabled, but I still see the issue

The Bugbug bot thinks this bug should belong to the 'Core::Security: PSM' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Component: Untriaged → Security: PSM
Product: Firefox → Core

Did anyone got a chance to looking at this bug? Please let me know

The severity field is not set for this bug.
:keeler, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(dkeeler)

What output do you get if you run Firefox with the environment variable RUST_LOG set to osclientcerts_static=debug?

Flags: needinfo?(dkeeler) → needinfo?(jpavanaryan)

Whats the process to set environment variables? I set it as shown in image

Flags: needinfo?(jpavanaryan)
Attached image RUST_LOG setting

It seems I no longer have the issue since 94.0.2. Closing the issue for now, will open it back if get it again

Flags: needinfo?(jpavanaryan)

Great - thanks!

Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: