Secure connection failed on a secure website (works on Android Firefox Release/Nightly and Firefox Desktop) #4954
Comments
I changed the title as I tested the same behaviour (showing https://www.salutelazio.it as insecure) on the device below. So it seems that the behaviour on the Huawei Oreo device is the exception, and not vice-versa. Device information
|
It seems to be issue in Firefox Stable, Beta, Nightly and Focus. Mobile Google Chrome enters this site normally. Desktop browsers are not affected. Tested onSamsung Galaxy A20s (Android 10) Nightly 2021-06-29T17:37:50.207 Beta 90.0.0-beta.6 (Build #2015818371) Focus 8.16.0 (Build #351481538 🦎 89.0-202105271 Stable 89.1.1 (Build #2015812945) (failed secure connection at the Samsung Galaxy J2 Prime (Android 6.1.1) only) |
Thanks for the feedback! For me it does work on Nightly 2021-06-28T17:31:51.595 though. On both aforementioned devices. I didn't try Beta. It still doesn't work on Focus. |
I think it is a web compatibility bug. |
I can't debug it. For me it only fails on Focus... But it seems strange, I mean what's not working is at the certificate verification stage, isn't it? Do you maybe have any hints on how could debug Focus? |
You can debug Nightly successfully on your Samsung? |
Correct. But that doesn't give me any useful info as that website does work for me on Nightly. Still, I'm open to suggestions! Thanks! |
I'll try to debug Focus on my device tomorrow. |
Thank you! |
Hello! I successfully debugged Focus on my device using desktop Firefox, but I don't know what info do you need. How I can provide it? |
Ideally I'd expect to see some kind of evaluation in the debug info during the SSL handshake/certificate validation... Are you able to isolate that section? |
No, I have some info, but it is not useful. |
I'm sorry about that. |
Thanks anyways! I guess I'll wait for somebody on the team to have more instructions. It is a very important website in Italy, especially right now with the COVID pandemic, it serves the whole Rome area (capital city), with COVID testing, vaccine info and booking, etc. |
I can open the same bug in the Fenix repository, because I too experiencing connection issues in the Firefox |
That makes sense. Thanks! |
Bugzilla issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1718744 |
@mcarare, do you can provide a new info about this issue in the Bugzilla? |
Thanks! |
Wait, @Nickoriginal and @mcarare. What @Nickoriginal wrote about ESR got me thinking. I installed a fresh copy of Firefox ESR 78, no "GlobalSign RSA OV SSL CA 2018" intermediate in about:certificate. I visited https://salutelazio.it/ and got SEC_ERROR_UNKNOWN_ISSUER. I visit another website with full intermediate chain for "GlobalSign RSA OV SSL CA 2018" such as: In about:certificate I got "GlobalSign RSA OV SSL CA 2018" and https://salutelazio.it/ was secure. So I downloaded the PEM chain via curl of https://salutelazio.it/ and is missing the intermediate certificate so, @Nickoriginal, you were right. It's a server configuration issue: not all browser can trust the certificate without the intermediate being present in the chain! Thanks. I'll try to contact the webmaster. |
Preloading the intermediate certificates as described in bug 1520297 would also resolve this one automatically, while now it is tracked as INVALID. |
You did it? |
I did via multiple channels. No reply. It is managed by a govt contractor from what I understand, so it could take a while to have the email routed to the people able to act on it (there's no direct way to contact the tech dept). |
Steps to reproduce
Expected behavior
Firefox Focus should show that the connection is secure, as it is shown on Firefox Release and Nightly.
Actual behavior
A "Secure Connection Failed" page is showed.
Device information
Additional information
This doesn't happen on Focus 8.16.0 (same version) on an old Huawei Oreo device I have available.
I tried to enable USB/WiFi debug but I couldn't connect to Focus on the Samsung device, only to Nightly.
The text was updated successfully, but these errors were encountered: