User Agent: Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20100101 Firefox/15.0.1 Build ID: 20120905151427 Steps to reproduce: 1. Installed an SSL enabled web server on machine X on port 1158 (actually Oracle Enterprise manager dbconsole). 2. Accessed the site succesfully after adding an exception for the self signed certificate. That was using Firefox 15.0.1 on Windows XP 32 bit. 3. Installed another SSL enabled web server on the same machine X on port 5500 (again Oracle dbconsole for another database). It uses another self-signed certificate (for the same name though CN=X). The subject of the issuer is with the same DN, but different Key ID. 4. Accessed the second web server (on port 5500), after adding an exception for that. That was using Firefox 15.0.1 on Windows XP 32 bit 5. Without changing anything on the serverside (no restarts, no configuration changes, nothing at all), I tried to access the first server on port 1158. That was using Firefox 15.0.1 on Windows XP 32 bit Actual results: An error was shown, instead of the expected contents. Secure Connection Failed An error occurred during a connection to X:1158. Peer's certificate has an invalid signature. (Error code: sec_error_bad_signature) Expected results: The page should be displayed. It is correctly displayed with IE 8 and Chrome Version 22.0.1229.94 m
I can confirm the behaviour for MS Windows Server 2003 R2 SP2 (32bit) + FF 16.0.2 portable despite browser.xul.error_pages.expert_bad_cert set to 'TRUE' one can circumvent it a bit - start FF - connect to EM at port 1158 - stop/start FF - connect to EM at port 5500 - stop/start FF - connect to EM at port 5501 ... sometimes it es possible to connect first to e.g. Port 5503 and after this successfully to 1158 without restarting FF
Based on Thomas' post I tried the following and it worked for me. Firefox 17.0.2 on Windows 7 64-bit. Linux Oracle server RH 5.7, 188.8.131.52.4. 1. Deleted all certificate exceptions associated with the Oracle server. Options > View Certificates > Delete... 2. Invoked each OEM dbconsole URL in the order of its creation -- important step. 3. Added certificate exception for each URL. Subsequently I was able to connect to all 3 dbconsoles assigned to ports 5583, 5585, 5586, in any order.
Sounds like this is WFM.