X
Tippen Sie hierhin, um die Version dieser Website für Mobilgeräte aufzurufen.
Scheduled maintenance: Monday, March 30, between 3:30pm and 5:30pm UTC. This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn’t solve your issue and you want to ask a question, we have our support community waiting to help you at @firefox on Twitter

Hilfeforum

Firefox isn't trusting a replaced user certificate.

Veröffentlicht

I access one TLS URL that's secured by user certificate. I had no problem importing the .p12 certificate into my profile's user certificate store ("Your Certificates"), and I could access the URL.

On the TLS URL system, for an unrelated reason, I had to generate a new certificate. My task was to remove the user certificate from my profile's certificate store, and replace with the new certificate.

The replacement was perfect: Delete the old certificate, import the new certificate. Enter the cert password, and see the new certificate, with its new serial ID listed in Firefox's certificate store.

When I try to visit the TLS secured URL, Firefox gives "Secure Connection Failed" and "SEC_ERROR_BAD_SIGNATURE". It says "Peer has an invalid signature."

I'm at a loss how to proceed troubleshooting this.

I access one TLS URL that's secured by user certificate. I had no problem importing the .p12 certificate into my profile's user certificate store ("Your Certificates"), and I could access the URL. On the TLS URL system, for an unrelated reason, I had to generate a new certificate. My task was to remove the user certificate from my profile's certificate store, and replace with the new certificate. The replacement was perfect: Delete the old certificate, import the new certificate. Enter the cert password, and see the new certificate, with its new serial ID listed in Firefox's certificate store. When I try to visit the TLS secured URL, Firefox gives "Secure Connection Failed" and "SEC_ERROR_BAD_SIGNATURE". It says "Peer has an invalid signature." I'm at a loss how to proceed troubleshooting this.
Zitieren

Mehr Details zum System

Installierte Plugins

  • Shockwave Flash 32.0 r0

Anwendung

  • User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:74.0) Gecko/20100101 Firefox/74.0

Weitere Informationen

Fragesteller

I have not found a solution for this issue. Any help is appreciated.

I have not found a solution for this issue. Any help is appreciated.
Hat Ihnen das weitergeholfen?
Zitieren
cor-el
  • Top 10 Contributor
  • Moderator
17846 Lösungen 161524 Antworten
Veröffentlicht

Does it work if you rename/remove cert9.db (and cert8.db when present) in the profile folder ?

hYou can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.

Does it work if you rename/remove cert9.db (and cert8.db when present) in the profile folder ? hYou can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the <b>about:profiles</b> page. *Help -> Troubleshooting Information -> Profile Folder/Directory:<br>Windows: Open Folder; Linux: Open Directory; Mac: Show in Finder *https://support.mozilla.org/en-US/kb/profiles-where-firefox-stores-user-data

Geändert am von cor-el

Hat Ihnen das weitergeholfen?
Zitieren

Fragesteller

Thank you for your response.

I renamed the cert9.db to cert9.db.old. No cert8.db file was present in the profile directory.

I restarted Firefox completely. No effect. I am still unable to connect to the URL. The error is different: PR_END_OF_FILE_ERROR

Thank you for your response. I renamed the cert9.db to cert9.db.old. No cert8.db file was present in the profile directory. I restarted Firefox completely. No effect. I am still unable to connect to the URL. The error is different: PR_END_OF_FILE_ERROR

Geändert am von NDeMarco

Hat Ihnen das weitergeholfen?
Zitieren
dkeeler 0 Lösungen 8 Antworten
Veröffentlicht

Did you re-import your client certificate after renaming cert9.db?

Did you re-import your client certificate after renaming cert9.db?
Hat Ihnen das weitergeholfen?
Zitieren
Stellen Sie eine Frage

Sie müssen sich mit Ihrem Benutzerkonto anmelden, um auf Beiträge zu antworten. Bitte stellen Sie eine neue Frage, wenn Sie noch kein Benutzerkonto haben.