Project

General

Profile

Actions
Copy link

Bug #4164

open

Reinstalling Foreman triggers "sec_error_reused_issuer_and_serial" error in Firefox

Added by Dominic Cleal over 11 years ago. Updated over 11 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Foreman modules
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

When reinstalling Foreman, a new Puppet CA and master cert is generated with a serial number of "1" and "2" respectively. Firefox will remember the issuer (which won't change) and the serial number and throw an SSL mismatch error "sec_error_reused_issuer_and_serial".

Workaround:
Go to Firefox's preferences, Advanced tab, Encryption tab, click View Certificates, Servers tab and delete any entries for your server's hostname in that list. Close the browser completely, reopen and then hopefully it'll prompt you again to add an exception.

(https://bugzilla.redhat.com/show_bug.cgi?id=1055169)

Related issues 1 (0 open1 closed)

Has duplicate Packaging - Bug #6906: annoying sec_error_reused_issuer_and_serialDuplicate08/04/2014Actions
Actions
Copy link
 #1

Updated by Dominic Cleal over 11 years ago

Unfortunately the Puppet CA serial handling is pretty monotonic and it always starts from 1. My only thought is if we can influence what the starting serial number is going to be, or perhaps get Puppet to use date stamps etc instead.

Actions
Copy link
 #2

Updated by Dominic Cleal over 11 years ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Dominic Cleal almost 11 years ago

  • Has duplicate Bug #6906: annoying sec_error_reused_issuer_and_serial added
Actions
Copy link

Also available in: Atom PDF