Apache SSL very slow response with Firefox Freezes/Loads Very slow when checking self-signed SSL certificate

I was sure this was a Centos bug with OpenSSL, Apache, MySQL or even PHP.  I tried everything but nothing helped.  One clue is that if you check the Apache logs you will see nothing in the access logs until minutes later (this means Firefox has not even passed your request to the remote Apache/htttpd server).

When even accepting the invalid certificate message that would show up minutes later when trying to "View the Certificate" Firefox would freeze.  This bug is present in even the latest Firefox 53.

Eventually I realized it was just with Firefox and I suspected it was related to the self-signed SSL certificate even though I've had no problems before.

This is the key there is a weird Firefox bug where it cannot handle multiples of the exact same certificate so for example if you are generating completely standard OpenSSL certificates by hitting "Enter" all the way through this will be an issue.  There are also some embeded devices and appliances which do this.

What is the solution:

This is certainly a Firefox bug but it's also bad and poor practice to generate generic/default OpenSSL certificates.  The solution was to remake the self-signed SSL certificate by entering proper information.  Probably even entering a different CName or organization etc to make the cert unique would be all it would take.

Here is a discussion on the bug in Mozilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1056341


Tags:

apache, ssl, firefox, freezes, loads, certificatei, centos, openssl, mysql, php, logs, htttpd, server, accepting, invalid, certificate, quot, ve, multiples, generating, certificates, embeded, devices, appliances, generate, generic, default, remake, cname, etc, cert, mozilla, https, bugzilla, org, show_bug, cgi,

Latest Articles

  • How To Add Windows 7 8 10 11 to GRUB Boot List Dual Booting
  • How to configure OpenDKIM on Linux with Postfix and setup bind zonefile
  • Debian Ubuntu 10/11/12 Linux how to get tftpd-hpa server setup tutorial
  • efibootmgr: option requires an argument -- 'd' efibootmgr version 15 grub-install.real: error: efibootmgr failed to register the boot entry: Operation not permitted.
  • Apache Error Won't start SSL Cert Issue Solution Unable to configure verify locations for client authentication SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line SSL Library Error: 185090057 error:0B084009:x509 certif
  • Linux Debian Mint Ubuntu Bridge br0 gets random IP
  • redis requirements
  • How to kill a docker swarm
  • docker swarm silly issues
  • isc-dhcp-server dhcpd how to get longer lease
  • nvidia cannot resume from sleep Comm: nvidia-sleep.sh Tainted: Linux Ubuntu Mint Debian
  • zfs and LUKS how to recover in Linux
  • [error] (28)No space left on device: Cannot create SSLMutex Apache Solution Linux CentOS Ubuntu Debian Mint
  • Save money on bandwidth by disabling reflective rpc queries in Linux CentOS RHEL Ubuntu Debian
  • How to access a disk with bad superblock Linux Ubuntu Debian Redhat CentOS ext3 ext4
  • ImageMagick error convert solution - convert-im6.q16: cache resources exhausted
  • PTY allocation request failed on channel 0 solution
  • docker error not supported as upperdir failed to start daemon: error initializing graphdriver: driver not supported
  • Migrated Linux Ubuntu Mint not starting services due to broken /var/run and dbus - Failed to connect to bus: No such file or directory solution
  • qemu-system-x86_64: Initialization of device ide-hd failed: Failed to get