Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Firefox isn't trusting a replaced user certificate.

  • 4 uphendule
  • 1 inale nkinga
  • 19 views
  • Igcine ukuphendulwa ngu dkeeler

more options

I access one TLS URL that's secured by user certificate. I had no problem importing the .p12 certificate into my profile's user certificate store ("Your Certificates"), and I could access the URL.

On the TLS URL system, for an unrelated reason, I had to generate a new certificate. My task was to remove the user certificate from my profile's certificate store, and replace with the new certificate.

The replacement was perfect: Delete the old certificate, import the new certificate. Enter the cert password, and see the new certificate, with its new serial ID listed in Firefox's certificate store.

When I try to visit the TLS secured URL, Firefox gives "Secure Connection Failed" and "SEC_ERROR_BAD_SIGNATURE". It says "Peer has an invalid signature."

I'm at a loss how to proceed troubleshooting this.

I access one TLS URL that's secured by user certificate. I had no problem importing the .p12 certificate into my profile's user certificate store ("Your Certificates"), and I could access the URL. On the TLS URL system, for an unrelated reason, I had to generate a new certificate. My task was to remove the user certificate from my profile's certificate store, and replace with the new certificate. The replacement was perfect: Delete the old certificate, import the new certificate. Enter the cert password, and see the new certificate, with its new serial ID listed in Firefox's certificate store. When I try to visit the TLS secured URL, Firefox gives "Secure Connection Failed" and "SEC_ERROR_BAD_SIGNATURE". It says "Peer has an invalid signature." I'm at a loss how to proceed troubleshooting this.

All Replies (4)

more options

I have not found a solution for this issue. Any help is appreciated.

more options

Does it work if you rename/remove cert9.db (and cert8.db when present) in the profile folder ?

hYou can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.

Okulungisiwe ngu cor-el

more options

Thank you for your response.

I renamed the cert9.db to cert9.db.old. No cert8.db file was present in the profile directory.

I restarted Firefox completely. No effect. I am still unable to connect to the URL. The error is different: PR_END_OF_FILE_ERROR

Okulungisiwe ngu NDeMarco

more options

Did you re-import your client certificate after renaming cert9.db?