Compare Revisions
Certificate contains the same serial number as another certificate
Revision 303084:
Revision 303084 by AliceWyman on
Revision 304220:
Revision 304220 by AliceWyman on
Keywords:
Search results summary:
Why Firefox may show you a Secure Connection Failed error when you try to access the configuration page for your router and what to do.
Why Firefox may show you a Secure Connection Failed error when you try to access the configuration page for your router and what to do.
Content:
You may see the following error when attempting to access a router's configuration page:<br>
[[Image:Fx63-SecureConnectionFailed-ReusedIssuer]]
{note}'''Note:''' Unlike [[What do the security warning codes mean?|other security warnings]], a [[Fix secure connection failed errors in Firefox|Secure Connection Failed]] error page does not allow you to bypass the error.{/note}
The error page will include the message, ''Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number. Error code: SEC_ERROR_REUSED_ISSUER_AND_SERIAL''. This article describes the cause of this problem and how to work around it.
= Cause =
Older routers will sometimes improperly regenerate their security certificates instead of keeping the same one for the life of the device. If you have added a permanent security exception for your router, and if this regeneration is done improperly, Firefox will detect the change as a possible attack.
= Solution =
A long term solution for older routers is to contact your hardware vendor and see if updates are available for your device which fix this problem.
= Workaround =
If you are confident that no attack has occurred, you can work around the problem by removing previously saved exceptions generated by the same server or device.
Most likely the exception with the duplicate serial number will be on the Servers tab. Look for ones you've added; ignore the ones that list * as the server, which are global distrust entries added by Firefox.<!-- https://support.mozilla.org/en-US/questions/1244449#answer-1183031 -->
To delete your old exception:
# [[T:optionspreferences]]
# Select the {menu Privacy & Security} panel.
# Scroll down to the '''Certificates''' section.
# Click {button View Certificates} to open the Certificate Manager window.
# In the Certificate Manager window click on the {menu Servers} tab.
# Find the item that corresponds to the site that generates the error. Note the Certificate Authority (CA) for that server - the CA name appears above the site name.
# Click on the server certificate that corresponds to the site that generates the error and press {button Delete...}.
# Click {button OK} when prompted to delete the exception.
# Click on the {menu Authorities} tab.
# Click on the item that corresponds to the CA that you noted earlier and then press {button Delete or Distrust...}.
# Click {button OK} when prompted to delete the exception.
# Click {button OK} close the Certificate Manager window.
# [[T:closeOptionsPreferences]]
You may see the following error when attempting to access a router's configuration page:<br>
[[Image:Fx63-SecureConnectionFailed-ReusedIssuer]]
{note}'''Note:''' Unlike [[What do the security warning codes mean?|other security warnings]], a [[Secure connection and security warning error pages in Firefox|Secure Connection Failed]] error page does not allow you to bypass the error.{/note}
The error page will include the message, ''Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number. Error code: SEC_ERROR_REUSED_ISSUER_AND_SERIAL''. This article describes the cause of this problem and how to work around it.
= Cause =
Older routers will sometimes improperly regenerate their security certificates instead of keeping the same one for the life of the device. If you have added a permanent security exception for your router, and if this regeneration is done improperly, Firefox will detect the change as a possible attack.
= Solution =
A long term solution for older routers is to contact your hardware vendor and see if updates are available for your device which fix this problem.
= Workaround =
If you are confident that no attack has occurred, you can work around the problem by removing previously saved exceptions generated by the same server or device.
Most likely the exception with the duplicate serial number will be on the Servers tab. Look for ones you've added; ignore the ones that list * as the server, which are global distrust entries added by Firefox.<!-- https://support.mozilla.org/en-US/questions/1244449#answer-1183031 -->
To delete your old exception:
# [[T:optionspreferences]]
# Select the {menu Privacy & Security} panel.
# Scroll down to the '''Certificates''' section.
# Click {button View Certificates} to open the Certificate Manager window.
# In the Certificate Manager window click on the {menu Servers} tab.
# Find the item that corresponds to the site that generates the error. Note the Certificate Authority (CA) for that server - the CA name appears above the site name.
# Click on the server certificate that corresponds to the site that generates the error and press {button Delete...}.
# Click {button OK} when prompted to delete the exception.
# Click on the {menu Authorities} tab.
# Click on the item that corresponds to the CA that you noted earlier and then press {button Delete or Distrust...}.
# Click {button OK} when prompted to delete the exception.
# Click {button OK} close the Certificate Manager window.
# [[T:closeOptionsPreferences]]