Closed Bug 514708 Opened 16 years ago Closed 12 years ago

SSL Certificates get dropped in mid session or not recognize.

Categories

(Firefox :: Security, defect, P3)

Product:
Firefox
Component:
Security
Version:
3.5 Branch
Platform:
x86
Windows XP
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: sevenfactors, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 While getting my email done over at "www.gmail.com" Firefox just drops the SSL certificates for no apparent reason. Clicking refresh on the browser reactivates the SSL certificated, for the Firefox secure/encrypted connection identification icons show up again on the browser. This doesn't always work, sometimes the browser fails to recognize the SSL certificated at all, even though the URL is clearly "https://" -This doesn't only happens at "www.gmail.com", it also happens to me over at "addons.mozilla.org/en-US/firefox/" , "www.ebay.com" & "www.newegg.com" -The only page that has given me an in browser "This Connection is Untrusted" is "https://landfill.mozilla.org/bugzilla-tip/" -My broswer Encryption Protocols settings SSL 3.0 and TSL1.0 are enable. -Validation options Use the online Certificate Status Protocol OCSP & Validate a certificated if it specifies an OCSP server options are enable. Reproducible: Always Steps to Reproduce: 1.Visit any of the websites I have listed under "Details" ex. www.gmail.com 2.Just work on the secure page as you normally would 3.Oddly and at random times the browser will drop the SSL certificated and all visible representation other than the "https:://" on the URL, are gone. 4.80% of the time, clicking refresh on the browser reestablishes the secure connection between the browser and the server. Nevertheless, after a while it happens again. Actual Results: The secure connection between you and the server hosting the webiste is dropped. Most of the times, clicking refresh on the browser reestablishes the secure connection. Expected Results: Be able to recognize and maintain the secure connection. -My broswer Encryption Protocols settings SSL 3.0 and TSL1.0 are enable. -Validation options Use the online Certificate Status Protocol OCSP & Validate a certificated if it specifies an OCSP server options are enable. -Built Configuration --enable-application=browser --enable-update-channel=release --enable-update-packaging --enable-jemalloc --enable-official-branding --with-crashreporter-enable-percent=10 -I try it on a clean installation of Fx 3.5.2 and the same problem was found. -This problem doesn't happen in Fx 3.0.13
Version: unspecified → 3.5 Branch
It looks like nobody has been able to confirm this problem. I have taking some videos using Jing so you guys can see the bug I have described above. I mean, it would suck if this only happens to me... -----NOTE By the way, are there any tools/add-ons that can reproduce a log of what happens when I visit one of this https:// pages that drop the SSL certificated? This way I can post that log here so you guys can better understand what is happening. Anyways, here are the links to the videos. -Please take the time to watch- Thanks * http://www.screencast.com/users/VENIX/folders/Jing/media/d6843798-db37-4eb7-8f82-34132d6525c1 * http://www.screencast.com/users/VENIX/folders/Jing/media/7bf66344-7a6a-48c7-a286-6dd636d4db78 * http://www.screencast.com/users/VENIX/folders/Jing/media/d6b21ee8-0a0c-4f9c-a1d2-69c2b8c22583 I see that this bug has not been confirmed by anybody else but it does happen to be all the time. If there if anything else, any other info that I can supply to help solve this, please let me know and I will deliver. Thanks.
Priority: -- → P3
This is most likely the result of mixed content (eg, inclusion of non-SSL content in the page). If you go to Page Info --> Security, do you see something about the page being "partially encrypted"?
(In reply to comment #2) > This is most likely the result of mixed content (eg, inclusion of non-SSL > content in the page). If you go to Page Info --> Security, do you see something > about the page being "partially encrypted"? Yes, I do see the "Connection is Partially Encrypted" but these web-pages are meant to stay secured for as long as you are visiting them. The encrypted connection didn't just get dropped, for no apparent reason, before I updated to Fx3.5 nor does it happen in IE7 [I don't have IE8] nor in Fx3.0.13 ex. When you visit https://addons.mozilla.org/en-US/firefox/ the website is secured and anywhere you go under https://addons.mozilla.org the page will be secured as well, right? Well, I can visit a page at https://addons.mozilla.org and be secure and do nothing and the secure connection would get dropped. Sometimes all pages are not secured, sometimes the secured connection never gets dropped. As it can be seen on the videos, sometimes when reloading a page bring the SSL certificated back up, but normally this gets dropped pretty fast. I would just go back to Fx3.0.13 and not worry about this problem, but sadly some of my must-have addons work only with the latest version of Fx, not to mention that Fx runs smoother and lighters on my PC. NOTE: I keep windows up-to-date with the latest updates. The only two I refuse to install are IE8 and some .NET addons for firefox that Microsoft want force on me. I don't know if .NET has a take on this matter, but as far as I'm concern, .NET is just .NET
closing this since we dont support 3.5 anymore, feel free to open this bug if it reproducible in current version of Firefox http://getfirefox.com
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.