Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Decryption: sec_error_reused_issuer_and_serial

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Decryption: sec_error_reused_issuer_and_serial

L4 Transporter

Hey all,

I am having problems with decryption. The PA decrypts https websites, but when I surf to that website a few hours later, I receive the following error in firefox:

I haven't tried yet in IE or Chrome. I have this problem for various websites, not just gmail (I already had the problem with paloaltonetworks.com)

The issue is resolved when restarting the browser.

I was wondering if anyone has experienced the same behaviour?

More info:

The root CA has been added to the trusted root certificates of Firefox, so there is no invalid certificate warning in Firefox.

Kind regards

9 REPLIES 9

L6 Presenter

do you have any client security software on that pc ?

L1 Bithead

Error code: sec_error_reused_issuer_and_serial | Firefox Support Forum | Mozilla Support it's seems to be a problem with  ESET Smart Security . go to the program interface: setup>enter advanced setup>extend web and email tree>choose SSL> at SSL protocol checking choose "Do not scan SSL protocol. then press OK.

If you don have ESET maybe its your antivirus, you can try adding the CA to the computer instead the browser.

I have TendMicro Officescan, but even when I disable it (unload), I get the error. If it would be my anti-virus etc, I would expect it to block it for other browsers to. When I get the error in Firefox, I can perfectly get to the site using IE or Chrome.

Since it also works when restarting Firefox, I think it is Firefox related.

The trusted root CA from the PA has been imported on the system CA store and in the Firefox browser

L7 Applicator

I see the same problem with similar behaviors.  It only happens with Firefox and not IE or Chrome.  I am using SSL decryption, and the certificate has been imported both into Windows, as well as Firefox. 

L0 Member

We are also seeing this.  It only started happening after upgrading the firewall to 6.0.  It only seems to affect Firefox.  With Chrome we are able to close out and open back up and it "seems" to work.

L1 Bithead

Same problem here, after upgrade to 6.0.1.

Tried to use another CA certificate, but the problem still exists..

L5 Sessionator

Hi Bdeschut,

This is a known issue and the fix will be available in next release of 6.0 train. Issue is with firefox where you see an error "sec_error_reused_issuer_and_serial" on browser. Hope this helps.

6.0.2 is available and the Rls Notes showing a fix for this now as announced by ssharma. I'll install it right now and will run some tests tomorrow.

Great! I'll upgrade and enable ssl decryption again. I'll update in a few days if the problem has been resolved.

  • 6471 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!