X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

we are the owner of plimus.com and some of our Firefox Users are getting the following error when browsing our site - SSL:SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET

Posted

While Browsing our site with FIREFOX (any version and only with firefox) some amount of users are complaining that from time to time they are getting an SSL error that may be connected to FIREFOX TLS.


the error is: "SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET "

Technical info: We are using APACHE2 (TLS Enable and SSL V3) and Tomcat as back end. OS - Redhat FW - Cisco ASA Certificate - VeriSign Wildcard


Some URLs that are affected: https://www.plimus.com/jsp/buynow.jsp?contractId=1724988 or https://secure.plimus.com/jsp/buynow.jsp?contractId=2598796

thank you.

Modified by yanivomc

Additional System Details

Sites Affected

https://www.plimus.com/jsp/buynow.jsp?contractId=1724988

Installed Plug-ins

  • Google Update
  • Shockwave Flash 10.2 r152
  • iTunes Detector Plug-in
  • Fortinet SSL VPN CacheClean Firefox Plugin
  • Fortinet SSL VPN FortiControl Firefox Plugin
  • 4.0.60310.0
  • Office Authorization plug-in for NPAPI browsers
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Office Live Update v1.4
  • NPWLPG
  • NVIDIA 3D Vision plugin for Mozilla browsers
  • NVIDIA 3D Vision Streaming plugin for Mozilla browsers
  • BlackBerry WebSL Browser Plug-In
  • 3DVIA player(5.0.0.12). For more information, visit the 3DVIA player web site.
  • Next Generation Java Plug-in 1.6.0_17 for Mozilla browsers
  • Adobe PDF Plug-In For Firefox and Netscape 10.0.1
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/6.0

More Information

alan_r 58 solutions 753 answers

I can't get into https://support.plimus.com/jsp/admin_login.jsp? on Fx6, IE9, Opera or Google Chrome.

plimus.com is not a problem nor, for example, (from Google) is https://support.plimus.com/jsp/support.jsp

Sorry, I can't help more than that but it doesn't look like a Firefox problem to me.

alan_r 58 solutions 753 answers

Feedback? Can anyone else open it with other browsers? Please let us know if you find the cause of the problem.

Modified by alan_r

Question owner

Sorry the URL was a mistake the right one is https://www.plimus.com/jsp/buynow.jsp?contractId=1724988

the other is blocked with FW.

Question owner

Hi guys, any 1 has an idea about this matter?

thanks

efuentes 0 solutions 1 answers

I have the same problem. Any news ?

Thanks,

cor-el
  • Top 10 Contributor
  • Moderator
10761 solutions 96848 answers

Google Chrome reports on https://www.plimus.com/jsp/buynow.jsp?contractId=1724988

Your connection to www.plimus.com is encrypted with 256-bit encryption.

The connection uses SSL 3.0.

The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and DHE_RSA as the key exchange mechanism.

The connection is not compressed.

The connection had to be retried using SSL 3.0. This typically means that the server is using very old software and may have other security issues.

It works in Firefox if I disable TLS 1.0, so there is definitely something wrong with that server.

Question owner

Hi Cor-el, what type of old software you talking about?

APACHE?, OPEN_SSL? redhat?


thank you for your help

cor-el
  • Top 10 Contributor
  • Moderator
10761 solutions 96848 answers

I don't know.
I'm not an expert with configuring server or SSL.
I assume that it is the server software and that an updated SSL package that supports TLS properly needs to be installed or updated on the server.

It was Google Chrome that gave me the idea to check Firefox with TLS 1.0 disabled.
Firefox seems to cache it because I didn't get the error now with TLS enabled and only after using Clear Recent History to clear the "Active Logins" then I got the SSL error page back and not via a reload with bypassing the cache (Ctrl+F5).


Question owner

Hi, first i'd like to thank you for your help Cor-el but that's not the case in our end. i'm using latest Apache and OPENSSL versions on our servers.

can you send me the URL for tool that you used for testing in google chrome (or it was the browser itself?)

i'll be happy to know if you or anyone else has any other ideas or comments...

thanks