You are not logged in.

#1 2016-11-21 15:45:33

jskier
Member
From: Minnesota, USA
Registered: 2003-07-30
Posts: 383
Website

Firefox 50, error with key pinning transparent proxy

Hi,

I've noticed that when I upgraded to Firefox 50, certain SSL domains (google.com, mozilla.org|net) error out.

Secure Connection Failed

An error occurred during a connection to accounts.google.com. The server uses key pinning (HPKP) but no trusted certificate chain could be constructed that matches the pinset. Key pinning violations cannot be overridden. Error code: MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

The issue appears only present in Firefox 50 ArchLinux (Windows works fine behind on the proxy). I would think it would be an issue with the proxy server (works when bypassed), but the fact that FF 50 in Windows doesn't have the problem is peculiar.


--
JSkier

Offline

#2 2016-12-08 10:57:52

idovitz
Member
Registered: 2011-08-24
Posts: 7

Re: Firefox 50, error with key pinning transparent proxy

Hi,

Same problem here in our company. Behind mitm ssl scanning proxy with proxy certificate installed. No problems with Mozilla windows and linux build.. And also no problems when switching proxy off in Arch firefox. Our firewall is then a transparent mitm proxy. Opened a bug report https://bugs.archlinux.org/task/52080

grtz,
Ido

Offline

Board footer

Powered by FluxBB