File Upload error with SSL
Having a weird issue on my site. With the latest version of Firefox 36, anytime I try to upload a file of type doc or pdf, I am getting the following error:
Secure Connection Failed
The connection to the server was reset while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
This is working on all other browsers and previous versions of firefox. This also works if the page isn't using https. We've checked over the SSL certificates and they are up-to-date. I'm just puzzled at how certain file types cause this issue.
I'm just using the following straightforward code to test:
<!DOCTYPE html> <html> <head> <title>File Upload</title> </head> <body> <form id="editTemplateMultipart-editForm" method="post" enctype="multipart/form-data"> <input type="file" name="myFile"> <button>Send the file</button> </form> </body> </html>
Thanks for your help
Ti ṣàtúnṣe
Ọ̀nà àbáyọ tí a yàn
Actually, we just found out the issue! Seems like it was the SSL accelerator was returning some parsing errors. Had to get CISCO tech support to look into it and they fixed it.
Ka ìdáhùn ni ìṣètò kíkà 👍 3All Replies (11)
Check your website's SSL configuration here: https://www.ssllabs.com/ssltest/
Thanks for the reply. I did run a report from that site and the certificate is indeed valid. I thought it had to be the SSL cert on our SSL accelerator but it doesn't seem that is the case here unfortunately
Just an update on our troublesome little scenario here.
- This error message only occurs when using input type="file" html element using POST and enctype="multipart/form-data" - Form submits fine with other html form elements - Issue only occurs in Firefox 36. No issues or error messages in console in Firefox 35 and other browsers. - Request seems to be sent when submitting the form but something is blocking the response. There is no response header in developer console. - SSL cert passes test on ssllabs.com. Uses RSA 2048 bits keys. Overall rating of B. The server does not support TLS1.2 and does support RC4 however according to Firefox is using the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher to connect so I'm not sure if that is the issue. It is going through an SSL accelerator. It's possible that could be the issue but not sure how to test that and what changed in Firefox 36 that affected this.
At a loss for how to debug this. Any help on this would be greatly appreciated!
Ọ̀nà àbáyọ Tí a Yàn
Actually, we just found out the issue! Seems like it was the SSL accelerator was returning some parsing errors. Had to get CISCO tech support to look into it and they fixed it.
Hi es72
Please could you elaborate on your solution? We have exactly the same problem but are unsure what the fix is. Any help would be greatly appreciated.
Our problem was on our Cisco SSL accelerator. Basically we called their tech support, sent them a log of the traffic and they determined the fix was to (their words) "Applied the parameter map to increase the parse length as we can see parse errors on the http stats." I'm not a hardware/network guy unfortunately so I can't really elaborate further on this.
One test you can do to see if this is the problem for you is to try uploading a 1kb text file and then a larger file (say 500kb text file). We noticed that the 1kb text file would upload but the larger file wouldn't.
Hope this helps
We are having the same issue with file uploads after upgrading to firefox 36.0. We are just not sure where the problem is.
Your inputs on how to troubleshoot or how you were able to determine that the problem is with the SSL accelerator would be very useful.
Hi
Thank you so much for your reply, that has helped me pinpoint the problem. You are a star.
For anyone else who might have the issue. We have Cisco ACE Application Control Engine. Under Load Balancing -> Parameter maps -> HTTP parameter maps we have changed the following:
Content Max. Parse Length (Bytes): 4096
Changed to:
Content Max. Parse Length (Bytes): 65535
Still need to look at the implications of this. I have fixed in test and will investigate further and implement in prod. I am not a network engineer but if any of you have network specialist who might be able to comment on this parameter it would be useful.
Cisco say this in their docs:
Content Max. Parse Length (Bytes)
Enter the maximum number of bytes to parse in HTTP content. Valid entries are integers from 1 to 65535, with a default of 4096.
Hope this helps.
We have the same issue with an OVH loadbalancer, but the parameter is already set to 65535 and the probleme is still there
Do you have other solutions ?
Hi
This is not a new problem , see this article link below:
Basically, in this article (3 years old) they set multiple parameters, again on an ACE:
header-maxparse-length 65535 max-parse-time 65535 content-maxparse-length 65535
https://supportforums.cisco.com/discussion/11508956/ace-connection-reset-using-firefox
Hope this helps.
Regards
MJ
Wanted to come back and update that ACE solution worked for us as well. Thanks to es72 and Maz for the solution and details.