Project

General

Profile

Bug #161

HTTPS certificates invalid - duplicate serial

Added by Chris Buechler over 9 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
Certificates
Target version:
Start date:
11/18/2009
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.0
Affected Architecture:

Description

Generating a certificate and using it for HTTPS results in an unusable web interface.

"You have received an invalid certificate. Please contact the server administrator or email correspondent and give them the following information:

Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number.

(Error code: sec_error_reused_issuer_and_serial)"

Associated revisions

Revision 6af7c40b (diff)
Added by Scott Ullrich over 9 years ago

Redirect to / when logging in to avoid posting to forms accidently and clearing the form and causing all kinds of chaos. Ticket #161

Revision c9dddd59 (diff)
Added by Scott Ullrich over 9 years ago

Revert "Redirect to / when logging in to avoid posting to forms accidently and clearing the form and causing all kinds of chaos. Ticket #161"

This reverts commit 6af7c40b296e0f95ec308d41aea55b3306c5e1ee.

Revision 51dbdcde (diff)
Added by Ermal Luçi over 9 years ago

Ticket #161. Seems this does the trick for firefox.

Revision ae4dbded (diff)
Added by Ermal Luçi about 9 years ago

Ticket #161. Fix creation of certificates and the webgui one. This was a problem on php API docs.

History

#1 Updated by Scott Ullrich over 9 years ago

Having trouble replicating this one again. It happened to me once when system -> advanced lost all of its settings but I have been unable to replicate that as well.

In addition, we default to https now and import a standard certificate on bootup.

#2 Updated by Scott Ullrich over 9 years ago

How to reproduce:

Set the webgui logout timer to 1 minute.

Navigate to System -> Advanced

Wait 2 minutes.

Click submit.

Watch with awe as the entire form is wiped out.

#3 Updated by Scott Ullrich over 9 years ago

  • Status changed from New to Feedback

#4 Updated by Scott Ullrich over 9 years ago

  • Status changed from Feedback to New

#5 Updated by Scott Ullrich over 9 years ago

  • Status changed from New to Feedback

#6 Updated by Ermal Luçi over 9 years ago

Seems the cause is this
http://support.mozilla.com/en-US/kb/Certificate+contains+the+same+serial+number+as+another+certificate.

Committed a fix that seems to fix this issue.

#7 Updated by Chris Buechler about 9 years ago

  • Status changed from Feedback to Resolved

#8 Updated by Chris Buechler about 9 years ago

  • Status changed from Resolved to New

Still a problem. To replicate, just generate a new cert and switch the web interface to it.

#9 Updated by Ermal Luçi about 9 years ago

  • Status changed from New to Feedback

#10 Updated by Chris Buechler about 9 years ago

  • Status changed from Feedback to Resolved

fixed

#11 Updated by Chris Buechler over 8 years ago

  • Status changed from Resolved to New

This has regressed it appears, after generating an internal certificate and changing the web interface to HTTPS, I end up with:

Your certificate contains the same serial number as another certificate issued by the certificate authority.  Please get a new certificate containing a unique serial number.

(Error code: sec_error_reused_issuer_and_serial)

#12 Updated by Sander Naudts over 8 years ago

I don't have this issue on the snapshot of today 20110106-0206. Running firefox 3.6.13.

#13 Updated by Chris Buechler over 8 years ago

  • Status changed from New to Resolved

this is actually only possible if you manually screw with your certs in the config, it generates serials correctly under all normal circumstances.

Also available in: Atom PDF