We've had a couple of users recently complain about not being able to connect to the HTTPS version of our website (served via Apache) from Firefox. They error they receive is:
Secure Connection Failed
An error occurred during a connection to www.domain.com. Peer's
certificate has an invalid signature. (Error code:
sec_error_bad_signature)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
However, the vast majority of our users do not receive any kind of error here, and everything just works. I am also unable to reproduce it on my end.
My initial searching led me to believe this was a bug in Firefox, and indeed for one user the problem went away when Firefox upgraded itself. Another though has a fresh install of Firefox (from yesterday) and verified that he is on the latest stable version (38.0.1 as of this writing).
- I'm not sure if this is connected, but our SSL certificate does use SHA-1, which causes a separate issue in Chrome.
Any ideas on what might be causing this?
Best Answer
Today i had a client, which imported an invalid CA-Certificate with the same name (internal CA). This caused the
sec_error_bad_signatureerror.I removed the wrong CA certificate from Firefox Trusted Certificate store and reimported the correct one.