topic Re: Decryption: sec_error_reused_issuer_and_serial in General Topics

Decryption: sec_error_reused_issuer_and_serial

${userLoginName} — Thu, 10 Oct 2013 17:33:57 GMT

Hey all,

I am having problems with decryption. The PA decrypts https websites, but when I surf to that website a few hours later, I receive the following error in firefox:

I haven't tried yet in IE or Chrome. I have this problem for various websites, not just gmail (I already had the problem with paloaltonetworks.com)

The issue is resolved when restarting the browser.

I was wondering if anyone has experienced the same behaviour?

More info:

The root CA has been added to the trusted root certificates of Firefox, so there is no invalid certificate warning in Firefox.

Kind regards

Re: Decryption: sec_error_reused_issuer_and_serial

Retired Member — Fri, 11 Oct 2013 16:24:35 GMT

do you have any client security software on that pc ?

Re: Decryption: sec_error_reused_issuer_and_serial

GLastra — Sat, 12 Oct 2013 15:54:14 GMT

Error code: sec_error_reused_issuer_and_serial | Firefox Support Forum | Mozilla Support it's seems to be a problem with ESET Smart Security . go to the program interface: setup>enter advanced setup>extend web and email tree>choose SSL> at SSL protocol checking choose "Do not scan SSL protocol. then press OK.

If you don have ESET maybe its your antivirus, you can try adding the CA to the computer instead the browser.

Re: Decryption: sec_error_reused_issuer_and_serial

${userLoginName} — Mon, 14 Oct 2013 20:55:01 GMT

I have TendMicro Officescan, but even when I disable it (unload), I get the error. If it would be my anti-virus etc, I would expect it to block it for other browsers to. When I get the error in Firefox, I can perfectly get to the site using IE or Chrome.

Since it also works when restarting Firefox, I think it is Firefox related.

The trusted root CA from the PA has been imported on the system CA store and in the Firefox browser

Re: Decryption: sec_error_reused_issuer_and_serial

jvalentine — Mon, 14 Oct 2013 21:37:06 GMT

I see the same problem with similar behaviors. It only happens with Firefox and not IE or Chrome. I am using SSL decryption, and the certificate has been imported both into Windows, as well as Firefox.

Re: Decryption: sec_error_reused_issuer_and_serial

snreynolds — Tue, 11 Mar 2014 15:25:38 GMT

We are also seeing this. It only started happening after upgrading the firewall to 6.0. It only seems to affect Firefox. With Chrome we are able to close out and open back up and it "seems" to work.

Re: Decryption: sec_error_reused_issuer_and_serial

mtijhoff — Wed, 09 Apr 2014 13:48:07 GMT

Same problem here, after upgrade to 6.0.1.

Tried to use another CA certificate, but the problem still exists..

Re: Decryption: sec_error_reused_issuer_and_serial

ssharma — Wed, 16 Apr 2014 01:44:41 GMT

Hi Bdeschut,

This is a known issue and the fix will be available in next release of 6.0 train. Issue is with firefox where you see an error "sec_error_reused_issuer_and_serial" on browser. Hope this helps.

Re: Decryption: sec_error_reused_issuer_and_serial

oschuler — Thu, 24 Apr 2014 20:37:25 GMT

6.0.2 is available and the Rls Notes showing a fix for this now as announced by ssharma. I'll install it right now and will run some tests tomorrow.

Re: Decryption: sec_error_reused_issuer_and_serial

${userLoginName} — Fri, 25 Apr 2014 06:43:05 GMT

Great! I'll upgrade and enable ssl decryption again. I'll update in a few days if the problem has been resolved.