Jump to content
support

Firefox Version 52 bug causing certificate issues for your Passwordstate website

Recommended Posts

When upgrading to Firefox 52, and having Windows Authentication enabled on your Passwordstate website, you will receive a Security issue in the browser where it won't accept your certificate.  You will not be able to put in an exception for your Passwordstate website and hence not be able to access your site at all. This is a bug in Firefox that we are unable to advise when this will be fixed, but it also occurs in the Developer Edition V.54.0

 

It can affect websites with self signed certificates, certificates generated from your AD store, or certificates purchased from a certificate authority.

 

A work around it to either downgrade Firefox to the previous version, or enable "Anonymous Authentication" on your Passwordstate website in IIS. 

 

If we find out any more information about this, we'll update this post.

Share this post


Link to post
Share on other sites

Hi Trexman,

 

This is a bug with Firefox, not Passwordstate - we will need to wait for Mozilla to fix it. The only suggested work around we have at this time is to enable Anonymous Authentication for the site.


Regards
Click Studios

Share this post


Link to post
Share on other sites
On 16/03/2017 at 11:23 AM, support said:

If we find out any more information about this, we'll update this post.

 

Do you have a Bugzilla link?

 

 

Share this post


Link to post
Share on other sites

No Sorry Sarge we don't - if you google SSL Certificate issues with Firefox, there are many many different articles, so we couldn't find one specifically.

 

If you wish to confirm this is a bug yourself, you can either enable Anonymous Authentication for your existing site, or follow these instructions below to create a test site - which proves this issue is not related to Passwordstate, but interaction with Firefox and IIS:

  1. Create a blank site in IIS and drop one html file into it
  2. Assign any SSL certificate to it - you create your own self-signed one if you want to
  3. Make sure only Anonymous Authentication is enabled for the site
  4. Access the site, and add the SSL certificate exception - you can then access the site
  5. Now enable Windows Authentication, and disable Anonymous, and you will not longer be able to access the site

Regards

Click Studios

Share this post


Link to post
Share on other sites

Wow, so within one month Mozilla have released a new major build- no wonder they are experiencing some bugs :)

 

Thanks for reporting back to us all trexman.

 

Regards

Click Studios

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×