Project

General

Profile

Actions
Copy link

Bug #161

closed

HTTPS certificates invalid - duplicate serial

Added by Chris Buechler over 14 years ago. Updated over 13 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
Certificates
Target version:
2.0
Start date:
11/18/2009
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

Generating a certificate and using it for HTTPS results in an unusable web interface.

"You have received an invalid certificate. Please contact the server administrator or email correspondent and give them the following information:

Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number.

(Error code: sec_error_reused_issuer_and_serial)"

Actions
Copy link
 #1

Updated by Scott Ullrich over 14 years ago

Having trouble replicating this one again. It happened to me once when system -> advanced lost all of its settings but I have been unable to replicate that as well.

In addition, we default to https now and import a standard certificate on bootup.

Actions
Copy link
 #2

Updated by Scott Ullrich over 14 years ago

How to reproduce:

Set the webgui logout timer to 1 minute.

Navigate to System -> Advanced

Wait 2 minutes.

Click submit.

Watch with awe as the entire form is wiped out.

Actions
Copy link
 #3

Updated by Scott Ullrich over 14 years ago

  • Status changed from New to Feedback
Actions
Copy link
 #4

Updated by Scott Ullrich over 14 years ago

  • Status changed from Feedback to New
Actions
Copy link
 #5

Updated by Scott Ullrich over 14 years ago

  • Status changed from New to Feedback
Actions
Copy link
 #6

Updated by Ermal Luçi about 14 years ago

Seems the cause is this
http://support.mozilla.com/en-US/kb/Certificate+contains+the+same+serial+number+as+another+certificate.

Committed a fix that seems to fix this issue.

Actions
Copy link
 #7

Updated by Chris Buechler about 14 years ago

  • Status changed from Feedback to Resolved
Actions
Copy link
 #8

Updated by Chris Buechler about 14 years ago

  • Status changed from Resolved to New

Still a problem. To replicate, just generate a new cert and switch the web interface to it.

Actions
Copy link
 #9

Updated by Ermal Luçi about 14 years ago

  • Status changed from New to Feedback
Actions
Copy link
 #10

Updated by Chris Buechler about 14 years ago

  • Status changed from Feedback to Resolved

fixed

Actions
Copy link
 #11

Updated by Chris Buechler over 13 years ago

  • Status changed from Resolved to New

This has regressed it appears, after generating an internal certificate and changing the web interface to HTTPS, I end up with:

Your certificate contains the same serial number as another certificate issued by the certificate authority.  Please get a new certificate containing a unique serial number.

(Error code: sec_error_reused_issuer_and_serial)
Actions
Copy link
 #12

Updated by Sander Naudts over 13 years ago

I don't have this issue on the snapshot of today 20110106-0206. Running firefox 3.6.13.

Actions
Copy link
 #13

Updated by Chris Buechler over 13 years ago

  • Status changed from New to Resolved

this is actually only possible if you manually screw with your certs in the config, it generates serials correctly under all normal circumstances.

Actions
Copy link

Also available in: Atom PDF