Operational Defect Database
BugZero found this defect 2186 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3dGSAQ
HTTPS pages fail to load with Firefox when Content Inspection enabled in HTTPS proxy
Last update date:
5/30/2018
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.1.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
Fixed releases:
v12.2.1
Description:
Issue
If you enable Content Inspection in the HTTPS proxy, Firefox web browsers will fail to load HTTPS pages with the error message MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING. This issue occurs because Content Inspection does not currently support OCSP stapling that Firefox now enforces. To learn more information about OCSP stapling, see https://en.wikipedia.org/wiki/OCSP_stapling
Workaround/Solution
This issue does not occur on other web browsers unless you install an extension that enforces OCSP stapling. To disable OCSP stapling in Firefox, browse to about:config and set security.ssl.enable_ocsp_must_staple to False.
