Thank you so much for your response as I am still battling this issue. I agree that the site is probably not using best practices (my guess) ...
The site is https://bankruptcylink.com After the home page, the error comes up when you click the "Login" button. The user is also unable to user IE or Chrome with this site. Any diagnostic anything you have to offer would be appreciated. I'm downloading v37 now to see if that helps. On Tue, Apr 28, 2015 at 12:38 PM, Kai Engert <k...@kuix.de> wrote: > On Thu, 2015-04-23 at 13:11 -0700, rebecca.c...@gmail.com wrote: > > Accessing https site that is used by the entire state of Indiana. My > > office is apparently the only office that cannot access the site. Well, > > that is to say, half of my office cannot access the site, the other > > half can access it with no problem. All are using Firefox 36.0.4, all > > were previously able to access the site. > > > > I no longer see a "security.use_mozillapkix_verification" setting in > > about:config - what is preventing some firefox users from accessing > > this site? > > Hello Rebecca, > > the setting security.use_mozillapkix_verification has been removed, I > believe it's gone since Firefox 32. Since then, Firefox only uses the > new code. > > You say you aren't able to access that site. First, it means that site > isn't following best practices. If the entire state of Indiana is > required to use that site, then it would be very good to fix that site. > Is it a public Internet site, or some internal/intranet site? > > Is my assumption correct, that you cannot access the site, because you > are unable to "add an override", like Firefox usually allows with other > bad sites? > > There was a regression bug in Firefox 36 which made it impossible to > "add an override" for certain scenarios that result in the > ca_cert_invalid error message. > (That was https://bugzilla.mozilla.org/show_bug.cgi?id=1138332 ) > > Unfortunately, it was too late to get that bug fixed in Firefox 36. > > However, Firefox 37, which was released end of March 2015, contained a > fix for this issue. > > Are you able to upgrade to Firefox 37 and see if it fixes your issue? > > If it doesn't, then could you please send us additional information > about the server? If it's a server on the public Internet, then we'd > need to know the server address (www...), or, if it's an Intranet > server, then someone would have to save a copy of the certificates used > by the server, which can be retrieved by running diagnostic utilities. > Let us know if you'd like to have instructions on how to do that. > > Regards > Kai > > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
