SSL protocol checking breaks updates of FF Minefield 3.7

SSL protocol checking breaks updates of FF Minefield 3.7 and MediaCenter

running update of FF Minefield with SSL checking on (4.2.40.0 on WIN 7 64bit) returns the following error



for MediaCenter the error reads:

Failed to retrieve EpgListings (Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.)


no problems when SSL checking is off, hence please sort this bug out.

 

this has not been fixed until date, SSL protocol checking breaking:

FF Minefield updates
WIN 7 64 bit MediaCentre Updates

 

You can accomplish SSL scanning in FF Minefield by exporting the ESET root certificate (e.g. via IE) and importing it to FF manually.

 

tried it, but it does not solve the matter.

there are two types of certificates to be exported from IE8 32bit, *.cert and *.p7b. latter cannot be imported into FF Minefield. hence leaves the *.cert.
the only FF store accepting is servers



having the certificate there gets me still the error when updating as shown in the initial post.

also leaves MediaCentre Updates, which for now excluded from SSL scanning, yet again just being a workaround but no fix

 

Please follow the instructions mentioned in this KB article. If you have already added Mozilla's certificate to the Trusted certificates list, remove it. The next time you'll attempt to update FF, a pop-up window asking you whether to trust the certificate will appear, choose Exclude and FF will update fine.

 

thanks. wondering what is wrong with the *.mozilla.org certificate that it has to be excluded (which is just another workaround) by NOD? it will just not only impact the update but any website using the *.mozilla.org certificate

and what is wrong with the MediaCenterUpdate?

 

That's so because there's no way to make the root certificate a built-in certificate and thus FF doesn't trust it.

As for MediaCenter, I'm not familiar with it. Could you provide me with a link where I could download it from so that I can test it?

 

strange, because according to the KB you referred to NOD is excluding the *.mozilla.org certificate and not FF excluding the Eset certifcate?

it is actually build-in WIN 7, I reckon all flavours.



its updater is



and the error log is mentioned in the initial post

 

before it gets forgotten

 

not fixed yet

 

Re: SSL protocol checking breaks updates of FF 3.7 / MC update / FileZilla update

on the MC update the error reads:

seems the list keeps on growing, next application failing update with SSL protocol checking enabled is FileZilla, error log:

and the workaround, mozilla certificate excluded) for FF does not work around any more with the latest FF 3.7 64bit version.

when all of this getting fixed?

 

Re: SSL protocol checking breaks updates of FF 3.7 / MC update / FileZilla update

Mozilla products will not work with SSL enabled unless an exception is set. As it's been said, it's because 3rd party cannot be set as built-in which are the only ones Mozilla trusts.

 

Re: SSL protocol checking breaks updates of FF 3.7 / MC update / FileZilla update

that exception/workaround you pointed too does not work any more with the latest 64bit version of FF Minefield. if is stays that way FF 4 update will not be working with NOD32 SSL protocol checking enabled.

why would be a problem for Eset to get in touch with Mozilla and simply fix it?

having said that there are more incompatibilities mentioned.

 

Re: SSL protocol checking breaks updates of FF 3.7 / MC update / FileZilla update

Not possible as a new root certificate is generated dynamically when SSL scanning is enabled. The only possible option would be accepting other than built-in certificates by Mozilla which is against their strict policy.

 

MC update / FileZilla update not fixed with 4.2.58.3