Apache SSL very slow response with Firefox Freezes/Loads Very slow when checking self-signed SSL certificate -

Apache SSL very slow response with Firefox Freezes/Loads Very slow when checking self-signed SSL certificate

I was sure this was a Centos bug with OpenSSL, Apache, MySQL or even PHP.  I tried everything but nothing helped.  One clue is that if you check the Apache logs you will see nothing in the access logs until minutes later (this means Firefox has not even passed your request to the remote Apache/htttpd server).

When even accepting the invalid certificate message that would show up minutes later when trying to "View the Certificate" Firefox would freeze.  This bug is present in even the latest Firefox 53.

Eventually I realized it was just with Firefox and I suspected it was related to the self-signed SSL certificate even though I've had no problems before.

This is the key there is a weird Firefox bug where it cannot handle multiples of the exact same certificate so for example if you are generating completely standard OpenSSL certificates by hitting "Enter" all the way through this will be an issue.  There are also some embeded devices and appliances which do this.

What is the solution:

This is certainly a Firefox bug but it's also bad and poor practice to generate generic/default OpenSSL certificates.  The solution was to remake the self-signed SSL certificate by entering proper information.  Probably even entering a different CName or organization etc to make the cert unique would be all it would take.

Here is a discussion on the bug in Mozilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1056341

  • css responsive images
  • responsive table without changing much code solution
  • yum how to install old obsolete packages
  • PHP Howto Store Value of Included File Output Into Variable
  • PHP Migration from 5.3 to 5.4+ and dealing with deprecated functions
  • ffmpeg vidstab to stabilize video
  • userdel user userdel: cannot lock /etc/passwd; try again later.
  • mdadm how to mount inactive array
  • How to find and mount mdadm arrays automatically
  • M2Crypto.SSL.Checker.WrongHost: Peer certificate subjectAltName does not match host, expected fedora-archive.ip-connect.vn.ua, got DNS:mirror.ip-connect.vn.ua
  • [Wed Sep 20 15:34:44 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Sep 20 15:34:44 2017] [error] Init: Unable to read server certificate from file /www/ssl-certs/server.crt [Wed Sep 20 15:34:44 2017] [error] SSL Library Err
  • linux how to answer yes to copy
  • linux cp and mv will not overwrite due to alias!
  • ERROR 2006 (HY000) at line 567: MySQL server has gone away
  • vbulletin 4.2.5 after upgrading from 3.6 white screen fatal php errors
  • iptables v1.4.7: can't initialize iptables table `NAT': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.
  • Linux and FreeBSD how to set time and date
  • FreeBSD/OpenBSD OpenVPN Client error "Cannot allocate TUN/TAP dev dynamically"
  • kdenlive - No LADSPA plugins were found! Check your LADSPA_PATH environment variable. [producer_xml] failed to load transition "qtblend"
  • /usr/bin/supermin-helper exited with error status 1. To see full error messages you may need to enable debugging. See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs at /usr/bin/virt-list-partitions line 177.