Re: “Secure Connection Failed” Error in Firefox
On Sun, Mar 3, 2024 at 2:02 PM Jeffrey Walton <noloader@gmail.com> wrote:
>
> On Sun, Mar 3, 2024 at 1:47 PM Marcelo Laia <marcelolaia@gmail.com> wrote:
> >
> > Hello Debian users!
> >
> > When accessing the website https://gontijoonibus.gontijo.com.br/ on Firefox Android (on my smartphone), the site is accessed normally. However, when attempting to access this site on the desktop, Debian Firefox-ESR version 115.8.0esr (64-bit), the following error occurs:
> >
> > Secure Connection Failed
> > An error occurred during a connection to gontijoonibus.gontijo.com.br.
> > The page you are trying to view cannot be displayed because the authenticity of the received data could not be verified.
> > Please contact the website owners to inform them of this problem.
>
> According to OpenSSL and the default CA list on Ubuntu 22.04, the
> connection looks Ok. The problem appears to be more than a simple
> problem connecting.
>
> If I had to hazard a guess, I would start with the wildcard in the
> Common Name (CN) shown below. I know the CA/Browser Baseline
> Requirements changed recently, and CN is now a SHOULD NOT. Wildcards
> have been frowned upon but not forbidden. Maybe the browsers are
> moving against wildcards in the CN now.
>
> Note: tooling, like cURL, OpenSSL and Wget follow the IETF's Internet
> PKI (PKIX). Browsers follow the CA/Browsers Baseline Requirements (Web
> PKI). They mostly overlap, but they have a fair amount of differences
> once you accumulate some knowledge about them.
>
> And the IETF lawyers wrote a nasty letter to the W3C a couple of years
> ago because the W3C was publishing incompatible standards. See
> <https://www.ietf.org/media/documents/2023.01.26_Correspondence_IETF.pdf>.
> And from my observations, the CA/Browser Forums have been doing the
> same thing. So I would not be surprised if there's an incompatible
> change between PKIX and Web PKI.
>
> <CODE>
> $ echo -e 'GET / HTTP/1.1\r\n\r\n' | openssl s_client -connect
> gontijoonibus.gontijo.com.br:443 -servername
> gontijoonibus.gontijo.com.br
> CONNECTED(00000003)
> depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
> verify return:1
> depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte
> TLS RSA CA G1
> verify return:1
> depth=0 CN = *.gontijo.com.br
> verify return:1
> ---
> Certificate chain
> 0 s:CN = *.gontijo.com.br
> i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte TLS RSA CA G1
> a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
> v:NotBefore: May 9 00:00:00 2023 GMT; NotAfter: May 8 23:59:59 2024 GMT
> 1 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte TLS RSA CA G1
> i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
> a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
> v:NotBefore: Nov 2 12:24:25 2017 GMT; NotAfter: Nov 2 12:24:25 2027 GMT
> 2 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
> i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
> a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
> v:NotBefore: Aug 1 12:00:00 2013 GMT; NotAfter: Jan 15 12:00:00 2038 GMT
> ---
> Server certificate
> -----BEGIN CERTIFICATE-----
> MIIGITCCBQmgAwIBAgIQB7Bs73IlM/884Dqb8/YZoTANBgkqhkiG9w0BAQsFADBe
> MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
> d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe
> Fw0yMzA1MDkwMDAwMDBaFw0yNDA1MDgyMzU5NTlaMBsxGTAXBgNVBAMMECouZ29u
> dGlqby5jb20uYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNoYUM
> EjKsU7gHu5iZpkwZkwJGyMe1l5d1+YVUJLkB23vxGXxSRoYVOqhPR/sbvyue0FFA
> OwbKriu+XjXA/dCOC6hEX9UbvHK9i5YFaPbJIDkwZKuA3SltFSyJsuRNP7dpYEkY
> uxZ4pcLBtEAh9+im1g5l4ubrFDrxdr5Wvjne6viDyZ+40Alc+i1pirlymsD7k6tH
> 4bLaR+qopr6YqufzOkWlcodNbCnQ3TF1ZOVppwJDYvWaROQ8WcUC5c3v4TDYcXrq
> YasWMtN2GL+UwQL4Gc/q9slkpG1ML8lX50CwxhGAngjz8PdNq9ql+kHa9XfTx+5G
> DYrshriHimk9POppAgMBAAGjggMcMIIDGDAfBgNVHSMEGDAWgBSljP4yzOsPLNQZ
> xgi4ACSIXcPFtzAdBgNVHQ4EFgQUOgqjT5nVOc1VYZ8vm/Y80TI7UIEwKwYDVR0R
> BCQwIoIQKi5nb250aWpvLmNvbS5icoIOZ29udGlqby5jb20uYnIwDgYDVR0PAQH/
> BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy
> MDCgLqAshipodHRwOi8vY2RwLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNBQ0FHMS5j
> cmwwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3
> dy5kaWdpY2VydC5jb20vQ1BTMHAGCCsGAQUFBwEBBGQwYjAkBggrBgEFBQcwAYYY
> aHR0cDovL3N0YXR1cy50aGF3dGUuY29tMDoGCCsGAQUFBzAChi5odHRwOi8vY2Fj
> ZXJ0cy50aGF3dGUuY29tL1RoYXd0ZVRMU1JTQUNBRzEuY3J0MAkGA1UdEwQCMAAw
> ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8
> vOzew1FIWUZxH7WbAAABiABkUyYAAAQDAEcwRQIgfzcKflXhHpmu5GHg8S048cs8
> vpP1gxpdWDsSoIW7iBICIQDMDeAMb6rf8XcdLAxVXeScb4DE6WI73WrxLuhijv7O
> +gB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABiABkUyUAAAQD
> AEcwRQIgP46qqZOnzi6Zp+F30GBTHY5LpCR9uL55MFTS+XnRsv0CIQDTC52xy9Gl
> xzzDqltvAGVq10MgnLY9rIvZMccRsEVgEAB2ANq2v2s/tbYin5vCu1xr6HCRcWy7
> UYSFNL2kPTBI1/urAAABiABkUvIAAAQDAEcwRQIgAtm8xShzPd6lmxA4dGyZzQKa
> U6fmBbCDIkyqNnKgOtoCIQCx5g1X5GBvuqkBlQHIYeWQ4UB1tNEtYYN/z3D293Lf
> LTANBgkqhkiG9w0BAQsFAAOCAQEARpS7/BX4uVMvOMGfTo92uZNMozhWJzE+5o+k
> ARsyf8FPmTNjHs+Z6A+DWTQ/4AAJ+cRv9LJzHpXw4X/o3u6VF5+rma20q7eLupxg
> wR42zPCAw0SvfgbPvJsEZ/PE2ydOcWQ2Td3jr5ef/mxuyDxf3t7UvwMAVJLcZgHw
> eF+DSBvq+2T1td5/B8K85vjhF0PSjji39GH/aX//jv4m/lrplUTXu+dxFCoeMS1t
> yD2XppYHTThvxHjOEs77GnLcvZZqX+21+K7b8QqmzHidCAapVGBNiGoyMhVhZq7B
> aUH4Sou6JqALkvso5pLFdfk4Lg+sBpogecpqaK+W6SpBAAxoFQ==
> -----END CERTIFICATE-----
> subject=CN = *.gontijo.com.br
> issuer=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte
> TLS RSA CA G1
> ---
> No client certificate CA names sent
> Peer signing digest: SHA256
> Peer signature type: RSA-PSS
> Server Temp Key: X25519, 253 bits
> ---
> SSL handshake has read 4224 bytes and written 410 bytes
> Verification: OK
> ---
> New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
> Server public key is 2048 bit
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> Early data was not sent
> Verify return code: 0 (ok)
> ---
> DONE
> </CODE>
One other thing to note is information from
<https://www.ssllabs.com/ssltest/analyze.html?d=gontijoonibus.gontijo.com.br>.
It looks like the tool is reporting an error at the application layer
(the request failed). So if we add the host: parameter to the HTTP
request, we can see it also shows no document is returned:
<CODE>
$ echo -e 'GET / HTTP/1.1\r\n host:
gontijoonibus.gontijo.com.br\r\n\r\n' | openssl s_client -connect
gontijoonibus.gontijo.com.br:443 -servername
gontijoonibus.gontijo.com.br
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
Global Root G2
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte
TLS RSA CA G1
verify return:1
depth=0 CN = *.gontijo.com.br
verify return:1
---
...
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE
</CODE>
So the problem seems to be in the web server, and not in the TLS protocol.
Jeff
Reply to: