Firefox isn't trusting a replaced user certificate.
I access one TLS URL that's secured by user certificate. I had no problem importing the .p12 certificate into my profile's user certificate store ("Your Certificates"), and I could access the URL.
On the TLS URL system, for an unrelated reason, I had to generate a new certificate. My task was to remove the user certificate from my profile's certificate store, and replace with the new certificate.
The replacement was perfect: Delete the old certificate, import the new certificate. Enter the cert password, and see the new certificate, with its new serial ID listed in Firefox's certificate store.
When I try to visit the TLS secured URL, Firefox gives "Secure Connection Failed" and "SEC_ERROR_BAD_SIGNATURE". It says "Peer has an invalid signature."
I'm at a loss how to proceed troubleshooting this.
All Replies (4)
I have not found a solution for this issue. Any help is appreciated.
Does it work if you rename/remove cert9.db (and cert8.db when present) in the profile folder ?
hYou can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.
- Help -> Troubleshooting Information -> Profile Folder/Directory:
Windows: Open Folder; Linux: Open Directory; Mac: Show in Finder - https://support.mozilla.org/en-US/kb/profiles-where-firefox-stores-user-data
Ti ṣàtúnṣe
Thank you for your response.
I renamed the cert9.db to cert9.db.old. No cert8.db file was present in the profile directory.
I restarted Firefox completely. No effect. I am still unable to connect to the URL. The error is different: PR_END_OF_FILE_ERROR
Ti ṣàtúnṣe
Did you re-import your client certificate after renaming cert9.db?