Closed
Bug 286995
Opened 19 years ago
Closed 19 years ago
False "Invalid certificate error", when visiting site #2
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 204835
People
(Reporter: kubu, Assigned: KaiE)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 If I visit two pages in the same session, I get an "Invalid certificate ... has same serial number". I think it is limited to sites with a certificate paths, and "the middle certificate" is the same. Reproducible: Always Steps to Reproduce: 1. Visit https://www.seczone.dk/sqmail/src/login.php 2. Visit https://games.tips.dk/ 3. Actual Results: Alert: You have receieved an invalid certificate....Yor certificates contains the same serial number as another... If I close alle instancies of firefox, it is possible to contact the second site, but then access to the first site is blocked. Expected Results: No alert... Tested on several platforms, all PC based hardware though.
Comment 1•19 years ago
|
||
-> PSM
Assignee: firefox → kaie
Component: General → Security: PSM
Product: Firefox → Core
QA Contact: general
Version: unspecified → 1.7 Branch
Comment 2•19 years ago
|
||
This is a dup of bug 204835. See especially comment https://bugzilla.mozilla.org/show_bug.cgi?id=204835#c17 Each of these servers is serving a cert with serial number: 01:00:00:00:00:00:e5:f2:11:81:ee whose subject name is: "OU=TDC Internet Root CA,O=TDC Internet,C=DK" and whose issuer name is: "CN=GlobalSign Partners CA,OU=Partners CA,O=GlobalSign nv-sa,C=BE" Yet the certs with that description are not identical! The encoding of the signature in one of them has been altered. One is the true cert, and one is an alteration. NSS has detected the presence of a second cert with the same issuer and serial number as another already-seen cert, but which is not identical to it, and has reported it to PSM. PSM has reported it to the user. *** This bug has been marked as a duplicate of 204835 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•