Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
10-10-2013 10:33 AM
Hey all,
I am having problems with decryption. The PA decrypts https websites, but when I surf to that website a few hours later, I receive the following error in firefox:
I haven't tried yet in IE or Chrome. I have this problem for various websites, not just gmail (I already had the problem with paloaltonetworks.com)
The issue is resolved when restarting the browser.
I was wondering if anyone has experienced the same behaviour?
More info:
The root CA has been added to the trusted root certificates of Firefox, so there is no invalid certificate warning in Firefox.
Kind regards
10-12-2013 08:54 AM
Error code: sec_error_reused_issuer_and_serial | Firefox Support Forum | Mozilla Support it's seems to be a problem with ESET Smart Security . go to the program interface: setup>enter advanced setup>extend web and email tree>choose SSL> at SSL protocol checking choose "Do not scan SSL protocol. then press OK.
If you don have ESET maybe its your antivirus, you can try adding the CA to the computer instead the browser.
10-14-2013 01:55 PM
I have TendMicro Officescan, but even when I disable it (unload), I get the error. If it would be my anti-virus etc, I would expect it to block it for other browsers to. When I get the error in Firefox, I can perfectly get to the site using IE or Chrome.
Since it also works when restarting Firefox, I think it is Firefox related.
The trusted root CA from the PA has been imported on the system CA store and in the Firefox browser
10-14-2013 02:37 PM
I see the same problem with similar behaviors. It only happens with Firefox and not IE or Chrome. I am using SSL decryption, and the certificate has been imported both into Windows, as well as Firefox.
03-11-2014 08:25 AM
We are also seeing this. It only started happening after upgrading the firewall to 6.0. It only seems to affect Firefox. With Chrome we are able to close out and open back up and it "seems" to work.
04-15-2014 06:44 PM
Hi Bdeschut,
This is a known issue and the fix will be available in next release of 6.0 train. Issue is with firefox where you see an error "sec_error_reused_issuer_and_serial" on browser. Hope this helps.
04-24-2014 01:37 PM
6.0.2 is available and the Rls Notes showing a fix for this now as announced by ssharma. I'll install it right now and will run some tests tomorrow.
04-24-2014 11:43 PM
Great! I'll upgrade and enable ssl decryption again. I'll update in a few days if the problem has been resolved.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
