Firefox “invalid certificate” error for a trusted website (sec_error_reused_issuer_and_serial)

Tags: certificate, firefox, ssl-certificate

I am connecting to a website (via Firefox 6.0.2 on Mac OS X 10.6.8) I know is legitimate, and the connection worked up till yesterday. However, when I connected today I got the following error:

An error occurred during a connection to [domain].

You have received an invalid certificate. Please contact the server
administrator or email correspondent and give them the following
information:

Your certificate contains the same serial number as another
certificate issued by the certificate authority. Please get a new
certificate containing a unique serial number.

(Error code: sec_error_reused_issuer_and_serial)

Is there a way to fix this?

Best Answer

If it's a public CA it is likely an operational error which they would very much want to know about. If it's a private CA or cert then the signer should re-sign it with a new serial number to get rid of the error (bad form to reuse a serial number... unless you are willing to revoke all certs with that # at the same time). You could download the cert (use openssl as an ssl client and have it save the certificate for you) and then explicitly add the certificate to the FF root store marked as trusted (http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html) but that might not do the trick depending on where NSS is catching the problem. In any case the right action is fixing (re-issuing) the certificate.
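To identify which certificates actually collide before asking the signer to re-issue, the following added example (not part of the original answer) groups certificates by issuer and serial number and reports pairs carried by more than one distinct certificate. It assumes the input is the text printed by `openssl x509 -noout -issuer -serial -fingerprint -sha256` for each saved certificate; the sample values and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: output of
#   openssl x509 -noout -issuer -serial -fingerprint -sha256 -in <cert.pem>
# for three certificates. Names are made up; fingerprints are shortened placeholders.
SAMPLE = """\
issuer=C = US, O = Example Corp, CN = Example Internal CA
serial=0A
SHA256 Fingerprint=11:11:11:11
issuer=C=US, O=Example Corp, CN=Example Internal CA
serial=0a
sha256 Fingerprint=22:22:22:22
issuer=C = US, O = Example Corp, CN = Example Internal CA
serial=0B
SHA256 Fingerprint=33:33:33:33
"""

def parse(text):
    """Yield (issuer, serial, fingerprint) for each certificate in the text."""
    cur = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue
        key = key.strip().lower()
        if key == "issuer":
            # OpenSSL versions differ in spacing around '=' and ','; normalise it.
            # This is a textual comparison, an approximation of comparing encoded names.
            cur["issuer"] = re.sub(r"\s*([=,])\s*", r"\1", value.strip())
        elif key == "serial":
            # Compare serials as integers so case and leading zeros do not matter.
            cur["serial"] = int(value.replace(":", ""), 16)
        elif key.endswith("fingerprint"):
            cur["fp"] = value.strip().upper()
        if len(cur) == 3:
            yield cur["issuer"], cur["serial"], cur["fp"]
            cur = {}

def reused_serials(text):
    """Return {(issuer, serial_hex): fingerprints} for issuer/serial pairs
    that appear on more than one distinct certificate."""
    seen = defaultdict(set)
    for issuer, serial, fp in parse(text):
        seen[(issuer, serial)].add(fp)  # the same certificate seen twice is not a reuse
    return {(i, format(s, "X")): sorted(fps)
            for (i, s), fps in seen.items() if len(fps) > 1}

if __name__ == "__main__":
    for (issuer, serial), fps in reused_serials(SAMPLE).items():
        print(f"serial {serial} reused under issuer {issuer}: {fps}")
```

Any pair it reports names the certificates the signer needs to re-issue with unique serial numbers.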