Hi Phil, this is probably something the pkix team should look at. can you file a bug under Core/Security:PSM ?
On Thu, Oct 2, 2014 at 11:51 PM, Phil Davis <davpj...@ozemail.com.au> wrote: > I am accessing pfSense router/s that have self-generated certificates so > obviously they do not validate publicly. Prior to Firefox 31 I had the > security warning and had clicked through to add the certificate for a > number of these routers on our internal networks. > The list of certificates in Firefox then included a bunch under the name > "CompanyName". > After upgrade to Firefox 31 it started taking a long time (15-20 seconds) > to bring up the login page to these routers. During that time the CPU was > running 100%. Then after login, every few minutes Firefox would use 100% > CPU for a minute or 2, becoming effectively unresponsive in any tab. > I tried Firefox 24, 28, 29, 30 - none of these had the symptoms. > Tried Firefox 31, 32, 33 (beta) and 34 (aurora). They all had the symptoms > described. > Looking in pfSense forums I discovered this post - > https://forum.pfsense.org/index.php?topic=82295.0 > I deleted the certificates under "CompanyName". > Now display time for the Login page is back to normal, and Firefox CPU > time is not going crazy every few minutes. > Maybe there is something that can be done to hep this situation? Maybe > these old "private" certificates need to be cleaned out on upgrade? Or > maybe something in the code that is going nuts trying to validate these > "private" certificates needs to be fixed? > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
