cancel
Showing results for 
Search instead for 
Did you mean: 
danielsch
Level 10

Error sec_error_inadequate_key_usage in Firefox at MWG console login

Jump to solution

The access worked fine all the time, but since 2 days I'm not able to login with Firefox (38.4.0 ESR) via https://<MWG>:4712. I get the error "sec_error_inadequate_key_usage".

I found an older post with this, but there was never an answer.

We use MWG 7.4.2.11.0 and we doesn't changed or updated anything in that time where the error started.

Access via http:/<MWG>:4711 is possible and it's my fallback access now.

Has someone similar problems with the Firefox and how can I troubleshoot this with the MWG logfiles.

0 Kudos
1 Solution

Accepted Solutions
danielsch
Level 10

Re: Error sec_error_inadequate_key_usage in Firefox at MWG console login

Jump to solution

Finally I got the MWG console running via HTTPS with FF38, but still not with IE10.

I created a new self signed certificate for the User Interface. I have no idea, why the old one, created the same way, doesn't worked any more.

0 Kudos
4 Replies
danielsch
Level 10

Re: Error sec_error_inadequate_key_usage in Firefox at MWG console login

Jump to solution

I found out that it would work with Firefox version 24.2.0 (ESR) but also not with IE (10.0.28).

No one has similar certificate problems?

0 Kudos
McAfee Employee

Re: Error sec_error_inadequate_key_usage in Firefox at MWG console login

Jump to solution

Hi Frank,

I'm using the latest Firefox and it doesn't seem to give me a problem. I also don't have an issue in IE.

Could this be a problem with the UI certificate you uploaded? If perhaps the certificate was only given certain privileges (web server usage constraints, but not applet constraints). I know we use a McAfee certificate when we present the applet to the browser, this is signed by an external CA. The error you mention sounds like a key issue of some kind perhaps its only 1024 length?

Best Regards,

Jon

0 Kudos
danielsch
Level 10

Re: Error sec_error_inadequate_key_usage in Firefox at MWG console login

Jump to solution

Hi Jon,

I checked the certificates and settings at the MWG.

The certificate that is used for the SSL Admin login (configuration -> Appliances -> User Interface) is a SHA1 2048bit certificate.

The certificate that is used for proxy connections (Policy -> Settings -> SSL Client Context with CA -> Default CA) is the same then the admin ssl certificate.

Settings at this section are:

2015-11-26 16_20_47-McAfee _ Web Gateway.png

So the settings are shown no different for me then before. How I said. FF 24 works but FF38 not. With IE10 I only get a MWG block site "The proxy could not connect to the destination in time."?

0 Kudos
danielsch
Level 10

Re: Error sec_error_inadequate_key_usage in Firefox at MWG console login

Jump to solution

Finally I got the MWG console running via HTTPS with FF38, but still not with IE10.

I created a new self signed certificate for the User Interface. I have no idea, why the old one, created the same way, doesn't worked any more.

0 Kudos