HTTPS errors with Firefox Roaming profiles on Windows 10
Hi all,
We use Firefox ESR (and Thunderbird too) in our company, and there a problem only under windows 10 (it's ok under Windows 7).
Under Windows each user has a network drive as user home folder.
FF & TH profiles are locate in user home folder (H:\.system\{FF,TH}\profiles.default
Everything works fine but after couple of hours (very randomly), FF crash on every HTTPS website with this error : Connection blocked. Potential security issue.
The only way to fix it is restart Firefox. When Firefox is closing, I can see this errors In the Windows Viewer Events :
-> Information - Application Popup - Event 26 - Delayed Write Failed : Exception Processing Message 0xc000a080 Parameters 0x7ffe5d272d58 0x7ffe5d272d58 0x7ffe5d272d58 0x7ffe5d272d58
-> Système - mrxsmb - Event 139 - {Delayed Write Failed} Windows was unable to save all the data for the file \.system\Firefox\profile.default\favicons.sqlite-shm. The data has been lost. This error may be caused by a failure of your computer hardware or network connection.
The mrxsmb event only appears on severals .sqlite-shm files
There is nothing abnormal on the side of the server hosting the profiles. The logs server reveal nothing and indicate no more than with Windows 7 client PCs compared to Windows 10.
After delving into google for these error messages, tricks like disabling TCP Offloading or Opportunistic Locking don't work.
Firefox Safe Mode doesn't work.
Does anyone have a solution to this problem?
Thanks in advance :-)
(Sorry for my English, it's not my native language)
Modified
All Replies (8)
Same problem with Firefox 72
Modified
Connection blocked. Potential security issue.
Does the page state the nature of the security issue? https://support.mozilla.org/en-US/kb/secure-connection-failed-firefox-did-not-connect
The .sqlite-shm are temporary files for the .sqlite profile databases. Once you restart firefox, any delayed-write operation will almost certainly fail as firefox is being forced to close while hanging. (Therefore the Windows Master Browser service cannot complete the transaction.)
Resolving the secure connection / certificate issue should avoid this behavior, but the refusal to connect and the security warning should not cause Firefox to hang.
If Firefox has any crash reports related to this, you can submit them if they are unsubmitted, and you can copy and paste the crash report identifier in a post here. Hopefully someone can have a look at it. https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-help?redirectslug=Firefox+crashes#w_get-help-fixing-this-crash
SHM files are SQLite SHared Memory files. Those files are temporary files used to ensure no dataloss occurs when something goes wrong with updating a SQLite database (i.e. a failed transaction can be rolled back).
Is there security software running that might be causing this issue?
You can see in attachment the error message.
To reproduce the error, I realized that I just had to restart the Samba service on the server that hosts the profiles. So it's like the network connection goes down and Firefox can't find its files.
I deduce that Windows 10 may have to lose the network connection for a short time, which causes Firefox to crash. If I run Firefox on Windows 7 and restart Samba, Firefox continues to work properly.
only Windows 10 antivirus is installed. I tested by disabling it completely and it didn't work.
when you click on "view certificate" form that screenshot what info is showing up?
here is the screenshot of the certificate infos (sorry, it's in french).
it is written in bold : Could not verify this certificate because the issuer is unknown.
In OU field : not part of certificate
The GTS CA 101 certificate looks OK.
Try to rename the cert9.db file (cert9OLD.db) and remove the previously used cert8.db file in the Firefox profile folder with Firefox closed to remove intermediate certificates and exceptions that Firefox has cached.
If this has helped to solve the problem then you can remove the renamed cert9OLD.db file. Otherwise you can undo the rename and restore cert9.db.
Unfortunately it doesn't work.
I think at some point something is preventing Firefox from reading certain profile files. But what ?...