X
Tap here to go to the mobile version of the site.

Support Forum

Certificate error while accessing a site

Posted

Hi, We are having certificate issues while accessing url https://rmsstage.resolvecloudbase.co.nz We verified that the certificates used by this url are valid and the same certificates are being used by https://rmsstaging.resolvecloudbase.co.nz and this site can be accessed without any issues.

One more thing: After accessing https://rmsstaging.resolvecloudbase.co.nz , when we access https://rmsstaging.resolvecloudbase.co.nz then there are no issues reported until we delete file cert9.db from the Profile Folder. Can you please advise what could be the issue. Thanks Praveen

Hi, We are having certificate issues while accessing url https://rmsstage.resolvecloudbase.co.nz We verified that the certificates used by this url are valid and the same certificates are being used by https://rmsstaging.resolvecloudbase.co.nz and this site can be accessed without any issues. One more thing: After accessing https://rmsstaging.resolvecloudbase.co.nz , when we access https://rmsstaging.resolvecloudbase.co.nz then there are no issues reported until we delete file cert9.db from the Profile Folder. Can you please advise what could be the issue. Thanks Praveen
Quote

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safari/537.36

More Information

FredMcD
  • Top 10 Contributor
4220 solutions 58909 answers

I had no problem with the links. What's your computer system and Firefox version?

Please explain the problem in detail. What happens? What is the exact error messages?

I had no problem with the links. What's your computer system and Firefox version? Please explain the problem in detail. What happens? What is the exact error messages?
Was this helpful to you?
Quote

Question owner

Hi, the OS is Windows 10 and the firefox version is Firefox Quantum 66.0.5 (64 bit). I have attached the steps to replicate the issue. If we are using the same certificate for 2 sites, why does it gives warning for one site and works smoothly for the other. I have also attached the screenshots of the steps we are using to replicate the issue. Thanks

Hi, the OS is Windows 10 and the firefox version is Firefox Quantum 66.0.5 (64 bit). I have attached the steps to replicate the issue. If we are using the same certificate for 2 sites, why does it gives warning for one site and works smoothly for the other. I have also attached the screenshots of the steps we are using to replicate the issue. Thanks
Was this helpful to you?
Quote
jscher2000
  • Top 10 Contributor
8632 solutions 70600 answers

Okay, I think what you have demonstrated is that one host is not sending the intermediate certificate(s) needed to complete the chain of trust between the site certificate and the root. However, when Firefox receives the intermediate certificate from the other host, it saves it in cert9.db and uses that to bridge gaps for any hosts that do not send it.

This test confirms the incomplete chain diagnosis: https://www.ssllabs.com/ssltest/analyze.html?d=rmsstage.resolvecloudbase.co.nz

It also says:

  • This server is vulnerable to the Return Of Bleichenbacher's Oracle Threat (ROBOT) vulnerability. Grade set to F.
  • This server is vulnerable to MITM attacks because it supports insecure renegotiation. Grade set to F.

So your configuration may need to be checked in a little more depth than simply adding the missing certificate file!

The other one has some issues as well:

https://www.ssllabs.com/ssltest/analyze.html?d=rmsstaging.resolvecloudbase.co.nz

Okay, I think what you have demonstrated is that one host is not sending the intermediate certificate(s) needed to complete the chain of trust between the site certificate and the root. However, when Firefox receives the intermediate certificate from the other host, it saves it in cert9.db and uses that to bridge gaps for any hosts that do not send it. This test confirms the incomplete chain diagnosis: https://www.ssllabs.com/ssltest/analyze.html?d=rmsstage.resolvecloudbase.co.nz It also says: * This server is vulnerable to the Return Of Bleichenbacher's Oracle Threat (ROBOT) vulnerability. Grade set to F. * This server is vulnerable to MITM attacks because it supports insecure renegotiation. Grade set to F. So your configuration may need to be checked in a little more depth than simply adding the missing certificate file! The other one has some issues as well: https://www.ssllabs.com/ssltest/analyze.html?d=rmsstaging.resolvecloudbase.co.nz
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.