Apache SSL very slow response with Firefox Freezes/Loads Very slow when checking self-signed SSL certificate

I was sure this was a Centos bug with OpenSSL, Apache, MySQL or even PHP.  I tried everything but nothing helped.  One clue is that if you check the Apache logs you will see nothing in the access logs until minutes later (this means Firefox has not even passed your request to the remote Apache/htttpd server).

When even accepting the invalid certificate message that would show up minutes later when trying to "View the Certificate" Firefox would freeze.  This bug is present in even the latest Firefox 53.

Eventually I realized it was just with Firefox and I suspected it was related to the self-signed SSL certificate even though I've had no problems before.

This is the key there is a weird Firefox bug where it cannot handle multiples of the exact same certificate so for example if you are generating completely standard OpenSSL certificates by hitting "Enter" all the way through this will be an issue.  There are also some embeded devices and appliances which do this.

What is the solution:

This is certainly a Firefox bug but it's also bad and poor practice to generate generic/default OpenSSL certificates.  The solution was to remake the self-signed SSL certificate by entering proper information.  Probably even entering a different CName or organization etc to make the cert unique would be all it would take.

Here is a discussion on the bug in Mozilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1056341


Tags:

apache, ssl, firefox, freezes, loads, certificatei, centos, openssl, mysql, php, logs, htttpd, server, accepting, invalid, certificate, quot, ve, multiples, generating, certificates, embeded, devices, appliances, generate, generic, default, remake, cname, etc, cert, mozilla, https, bugzilla, org, show_bug, cgi,

Latest Articles

  • ImageMagick Convert PDF Not Authorized
  • ImageMagick Converted PDF to JPEG some files have a black background solution
  • Linux Mint Mate Customize the Lock screen messages and hide username and real name
  • Ubuntu/Gnome/Mint/Centos How To Take a partial screenshot
  • ssh how to verify your host key / avoid MIM attacks
  • Cisco IP Phone CP-8845 8800/8900 Series How To Reset To Factory Settings Instructions
  • ls how to list ONLY directories
  • How to encrypt your SSH private key file id_rsa
  • Linux Mint 18 Disable User Name List from showing on Login Screen
  • Firefox Cannot Hit Enter Key In Address Bar and Location History Not Working
  • Cisco Unified Communications Manager / CUCM IP 8.6,10,12 Install Error Solution
  • Ubuntu Debian Mint Linux SSHD OpenSSH Server Not Starting After Reboot Solution
  • nmap how to scan for all ports and not just the 1000 most common ports
  • Windows 7,8,10 and Server 2008, 2012, 2016, 2019 Read Only Attribute Won't Go Away
  • bind / named how to make a wildcard record and retain defined A records
  • Cisco Unified Communications Manager 12 Install Errors on Proxmox/KVM
  • Local Vs Universally Administered MAC Address NIC Refuses to come up
  • Cisco Unified Communications Manager 12 CUCM 12 - How To Enable Video Calling
  • Windows 7, 8, 10, Windows Server 2008, 2012, 2016, 2019 How To AC97 Audio Drivers and Other Unsigned Drivers
  • Cisco Unified Communications Manager / CUCM IP Telephony Definitions