Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Wo archive tread sia. Meɖekuku bia biabia yeye ne ehia kpeɖeŋu.

SSL peer reports incorrect Message Authentication Code (Error code: ssl_error_bad_mac_alert) after Firefox 36 Upgrade

  • 2 ŋuɖoɖowo
  • 2 masɔmasɔ sia le wosi
  • 11 views
  • Nuɖoɖo mlɔetɔ elm-

elm-
elm-
more options

When upgrading from Firefox 35 to 36 (Windows 8, 32 bit) I start getting "SSL peer reports incorrect Message Authentication Code (Error code: ssl_error_bad_mac_alert)" SSL errors on at least one website I use. (https://marketplace.ibmcloud.com).

The message only appears when I get redirected to the website again after a previous OpenID login (some more cookies are set). When I browse the website without authentication it works on the encryption without any issues.

None of [1] applied, I do not experience this problem with any other browser or the previous version of Firefox. It seems to be limited to the specific case. Clearing any kind of cache, enable / disabled the ssl3* mechanisms, did have zero effect.

Is there any other way to debug this or someone has an idea what changed with Firefox 36 to introduce this behavior? I downgraded back to 35 for now to work again.

[1] https://support.mozilla.org/en-US/questions/new/desktop/fix-problems/form?search=SSL+peer+reports+incorrect+Message+Authentication+Code+(Error+code%3A+ssl_error_bad_mac_alert)&step=aaq-question

When upgrading from Firefox 35 to 36 (Windows 8, 32 bit) I start getting "SSL peer reports incorrect Message Authentication Code (Error code: ssl_error_bad_mac_alert)" SSL errors on at least one website I use. (https://marketplace.ibmcloud.com). The message only appears when I get redirected to the website again after a previous OpenID login (some more cookies are set). When I browse the website without authentication it works on the encryption without any issues. None of [1] applied, I do not experience this problem with any other browser or the previous version of Firefox. It seems to be limited to the specific case. Clearing any kind of cache, enable / disabled the ssl3* mechanisms, did have zero effect. Is there any other way to debug this or someone has an idea what changed with Firefox 36 to introduce this behavior? I downgraded back to 35 for now to work again. [1] https://support.mozilla.org/en-US/questions/new/desktop/fix-problems/form?search=SSL+peer+reports+incorrect+Message+Authentication+Code+(Error+code%3A+ssl_error_bad_mac_alert)&step=aaq-question

All Replies (2)

guigs
guigs
more options

Please contact the SSO developer of the Ibm website as well. The error is normally from an encrypted message coming from a previous session.

guigs trɔe

elm-
elm- Biabia la
more options

I created a ticket there as well for them to investigate, although knowing IBM I guess we know the answer already, if I hear anything from there I will let you know.

However, as the problem only occurs on the one version of Firefox as of right now, I'm inclined to role out potential server side issues as a reason and pass it to something within Firefox, or was there a change any encryption defaults that might force the server to switch to a different version or something that might have the bug?