Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

client certificate authentication not working in FF4?

prg_sol_
Occasional Contributor
‎03-30-2011 10:25:AM
‎03-30-2011 10:25:AM

client certificate authentication not working in FF4?

Hi all,

I upgraded to Firefox 4 yesterday and today I found out I can't connect to our SA boxes. I'm getting the following error after I submit my credentials:

Secure Connection Failed
An error occurred during a connection to ****.
Renegotiation is not allowed on this SSL socket.
(Error code: ssl_error_renegotiation_not_allowed)

It only occurs when using 2-factor authentication with the second factor being a user certificate, but we use it a lot. I tried it with IVE versions 6.5r2 and 7.0R4 and the result is the same.


0 Kudos
3 REPLIES 3
prg_sol_
Occasional Contributor
‎03-30-2011 10:32:AM
‎03-30-2011 10:32:AM

Re: client certificate authentication not working in FF4?

Hmm, it seem it was intentional on Firefox side. And according to http://en.wikipedia.org/wiki/Transport_Layer_Security it can break the client certificate authentication.

So one option would be to enable the renegotiation temporarily (http://dotomaz.tumblr.com/post/786443743/firefox-4-0b1-and-ssl-renegotiation), until a better solution is found.

0 Kudos
r-tec_
New Contributor
‎05-03-2011 01:02:AM
‎05-03-2011 01:02:AM

Re: client certificate authentication not working in FF4?

hey the mentioned setting is true for ALL connections! Think about to set just:

security.ssl.renego_unrestricted_hosts

and enter your exception like:

webmail.example.com

Trackback: https://support.mozilla.com/de/questions/744718 (comment by ssd28)

Update: look at: http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB20762

0 Kudos
zanyterp_
Respected Contributor
‎05-10-2011 11:18:AM
‎05-10-2011 11:18:AM

Re: client certificate authentication not working in FF4?

that message for the renegotiation is correct behavior until an upgrade to 7.1Rx is done.
0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.