This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC_ERROR_BAD_SIGNATURE only in Firefox Vibe 4.0.6

Hallo,

now we bring our Vibe 4.0.6 to our Users, but we had an Problem with Firefox (66). We became the Error "SEC_ERROR_BAD_SIGNATURE. If we restart the vibe deamon, it work, but after an time x it don´t work anymore in Firefox, but in IE, Chrome and Edge all is fine.

We use our own certificates an these are in the windows certification store, in Firefox we insert an file, so that Firefox use the windows certification store as well, and it worked.

If you tell me, that I must install the Patch for vibe 4.0.6, so I must told you, that we can´t download them. For any reason, we can´t do this.
  • 0
    Hi landrich,
    had the same problem, try changing to only support TLSv1.2

    /opt/novell/teaming/apache-tomcat/conf/server.xml:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol" maxThreads="200" SSLEnabled="true" acceptCount="0" protocols="TLSv1.2">
    <SSLHostConfig SSLProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" protocols="TLSv1.2" ciphers="HIGH:!EXP:!aNULL:!MD5@STRENGTH">
    <Certificate certificateKeystoreFile="conf/.keystore" certificateKeystorePassword="XXX" certificateKeyAlias="tomcat" type="RSA"/>
    </SSLHostConfig>
    </Connector>


    cu Sven
  • 0 in reply to 
    Hi Sven,

    if I look to my server.xml, I would say that all TLS-versions are supported by ouer Vibe

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol" maxThreads="200" SSLEnabled="true" acceptCount="0">
    <SSLHostConfig sslProtocol="TLS" protocols="all" ciphers="HIGH:!3DES:!EXP:!aNULL:!MD5">
    <Certificate certificateKeystoreFile="conf/.keystore" certificateKeystorePassword="XXXXXXX" certificateKeyAlias="tomcat" type="RSA"/>

    </SSLHostConfig>

    </Connector>


    And If this is the problem, why do it work after reboot the vibe deamon, and at an time X it stop working only for Firefox, and only if you open an new session, whit an existing session with cash data from vibe the error doesn´t appeare.

    but I will try it if the problem appears next time
  • 0 in reply to 
    I think I found the problem, it looks like the datasync is the Problem, for now In stopped the Vibe Connector, I we will see if the error came back or not.

    I can´t understand, why Micro Focus doesn´t give us the possibility to sync our vibe and Groupwise calenders. It is possible to integrate vibe to Groubwise client, but not to sync calenders
  • 0
    I was also seeing this for a little while after getting FireFox 66. It would work fine for half a day or so after restarting Vibe.
    I have a public wildcard certificate that has worked for several years and still worked fine with Edge, Chrome, IE11, etc.
    I fairly recently got an update to FireFox (66.0.3) and the problem went away.
  • 0 in reply to 
    I have had reports that setting Vibe to only support TLS1.2 has caused issues with GroupWise integrations and the Desktop application. That is still being looked into.
  • 0
    One note on the Patch 1, I had a few reports of people who could not see the patch on the download site. Clearing their Browser Cache and restarting the Browser seemed to solve that. Not sure why.
  • 0 in reply to 
    The problem is still there, I changed the server.xml like Sven sad I stopped the Vibe connector in Datasync and delete the application on vibe, but after hours of working, the error appeared again.

    And we still use Firefox 66.0.3.

    The big question is, why only in Firefox, and why only after several hours of working fine.

    We installed our RootCA and our VibeCA to windows certificationstore, and in firefox we implemented under "C:\Program Files\Mozilla Firefox\defaults\pref" an trustwincerts.js with the code

    /* Allows Firefox reading Windows certificates */    
    pref("security.enterprise_roots.enabled", true);


    so that firefox uses the windows certifikationstore but on PC´s without that .js the error also appears

    But I can´t create an cronjob and start the vibedeamon evry hour, that can´t be the solution.

    And the most of our users use firefox, there are only a handful users using Chrome, Edge or IE


    @ imessager

    at the Customer Center I can see that there is an Patch, but I can´t download, the is a Padlock, on if I try to download from the Link in the readme file, I became the message that I´m not authorized to download that file, so I can download Vibe 4.0.6 but not the Patch, I think after eastern I will contact Micro Focus why.
  • 0

    Hello All,

    I must refuse my fix to switch to TLS1.2.

    Today I rebooted my vibe Server and Firefox got the BAD SIGNATURE error even with my "fix", Chrome was working fine. After that I restarted only the vibe service and firefox started to work again.

    Also GroupWise integration is not working with my TLS 1.2...

    Has anyone some more Ideas on this. We are using a wildcard certificate from GoDaddy.

    cu SveN

  • 0 in reply to 

    Hi,

    after month of working fine without the Datasync, now the probleme appears again, now we are using Firefox 68.0.2

    Because we had no time for the probleme with the not working Patch 1-link, we still not have installed it yet.

    I was on vacation and today it is my first day after, I only had an mail from my colleague, that he restart the Server after an update and restart the server, the error appears. I don´t know wich update because now my colleague is on vacation. also he informed me, thtat there are same PC, without the error, I think there will be an older Firefox installed. Chrome, IE and Edge work fine.

  • 0 in reply to 

    We have this problem too, for months we have to manually restart vibe service again and again, 20 - 30 times a day.

    It is frustrating!

    Is there hope that this will be repaired?

    Thank you

    Michal Hradecky