Version: 0.3 Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2b) Gecko/20021014 Phoenix/0.3 I have two servers with self-signed certificates: data.mtds.com auth.mtds.com If I login to one, then go to the other, then I get a message that the certificate is invalid for auth.mtds.com when I've been to data.mtds.com and vice versa, i.e. it seems to be reading the certificate for data when contacting auth. To reproduce this bug go to https://data.mtds.com/sysadmin for example (you won't have to have a login to check), accept the self signed certificate, then go to https://auth.mtds.com and you should get rejected. Deleting the cache and restarting allows me to see either site. Checking SSL environment variables shows the certificate for auth and data are reasonably correct. I can't test this with Mozilla, sorry, don't have disk space for it.
This looks like a mozilla issue.
"incorrect Message Authentication Code" (2002101617, Win2k SP3)
Sorry, this is not a Pheonix bug, but a Mozilla bug, I was able to test it last night with Mozilla and had the same problems. Indeed, I get the message "incorrect Message Authentication Code"
Dupe of bug 114425. For both web sites, the Certificate Authority and Serial number are the same. No two different certs should EVER have the same issuer and serial number. That is an X509 rule, and mozilla relies on it. It is proper to do so. Reporter, I suggest that you reissue one of the server certificates with a serial number different than 01. *** This bug has been marked as a duplicate of 114425 ***
Thankyou very much, that worked! That means that IE5, 5.5, 6, Opera and Konqueror all do not respect this thing with certificates. I learned something today.
*** Bug 179312 has been marked as a duplicate of this bug. ***