Getting sec_error_reused_issuer_and_serial even after deleting offending certificate.




10 years ago
8 years ago


(Reporter: mozilla, Unassigned)


Firefox Tracking Flags

(Not tracked)


(Whiteboard: [CLOSEME 2010-11-01])



10 years ago
User-Agent:       Opera/9.62 (Windows NT 5.1; U; en) Presto/2.1.1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/2009011913 Firefox/3.0.6 (.NET CLR 3.5.30729)

I work with an iLO device (probably the same case with any network device that does self-signed certificates) for a while (talking months or years) and then need to change the IP address of the device. I change it and cannot regain access even after deleting the offending certificate from the firefox certificate store.

Reproducible: Always

Steps to Reproduce:
1.Browse to an HP iLO interface.
2.Recieve sec_error_ca_cert_invalid error and make permenant exception.
3.Login and change IP address.
4.Browse to new HP iLO IP address.
5.Recieve sec_error_reused_issuer_and_serial error.
6.Goto Tools -> Options -> Advanced -> Encryption -> View Certificates
7.Highlight old certificate and delete.
8.Browse to new HP iLO IP address.
Actual Results:  
9.Recieve sec_error_reused_issuer_and_serial error with no options.

Expected Results:  
9.Recieve sec_error_ca_cert_invalid error and make permenant exception.

I've seen other posts that are similar to this. The bug is not the sec_error_ca_cert_invalid error but the fact that I cannot fully delete all traces of a certificate from firefox. I should be able to delete a certificate from the certificate store and then firefox believe that it'd never encountered it before rather than caching it's information elsewhere.
step 6 is incomplete.
You have to delete the certificate at 2 places there (under others in Authorities )

Comment 2

10 years ago
Hmm. On the Authorties tab, sections go from "Network Solutions LLC" to "QuoVadis Limited". No "Others" section. Nor is there anything in the "Others" tab. I DLed the sqlite-manager plugin and went through the .sqlite to no avail. I'll put in some time this weekend playing with MozillaBuild and see if I can't figure this out.
the key store isn't using sqlite...
I'm going ahead and mark this as dupe of bug 435013 (I'm a little bit unsure if we want to keep different routers in different bugs)

It's no bug that you get this error bug the UI in this case sucks.
Last Resolved: 10 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 435013

Comment 4

10 years ago
This isn't a duplicate. Bug 435013 is a vendor specific issue with Linksys using the same certificate for all of their routers.

As noted by mtwest:
"i have to connect to about 15 different wrt54g routers at different sites every
day.. and having to close firefox, reopen and delete certificates is such a
pain... i really REALLY want to avoid using IE."

Meaning, he was able to delete the certificate and continue using Firefox. I'm reporting this bug because that previous functionality is now broken in 3.0.6. I cannot delete all traces of a certificate and continue using Firefox. While both of these bugs present the same error message, they are not the same bug and will not be represented by the same code changes.
Resolution: DUPLICATE → ---
This is a mass search for bugs which are in the Firefox General component, are
UNCO, have not been changed for 500 days and have an unspecified version. 

Reporter, can you please update to Firefox 3.6.10 or later, create a fresh profile,, and test again. If you still see the issue, please update this bug. If the issue is gone, please set the status to RESOLVED > WORKSFORME.
Whiteboard: [CLOSEME 2010-11-01]
No reply from reporter, INCOMPLETE. Please retest with Firefox 3.6.12 or later and a new profile ( If you continue to see this issue with the newest firefox and a new profile, then please comment on this bug.
Last Resolved: 10 years ago8 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.