Recently i have re-installed my GitLab application on my Linux system. When i tried to access my GitLab application link (https://gitlab.domain.com) on Windows system's Firefox browser i am getting below error.
Since the certificate generated freshly it was conflicting with existing/previous certificate, So i have followed this Link workaround. However even after system reboot also same error occurring, I can't access my GitLab application on Firefox browser.
I'm able to access it on Chrome browser without any problem.
Please let me know still where i need to clear the old certificate to make it work on firefox?
That seems to be the same error as in issue 435013 reported 13 years ago (and still open), where Firefox has an issue with routers and NSS (Network Security Services) (error -8054)
As I understand it, and from the discussion on #312732 which is the underlying issue, the problem is that the crypto uses the cert ID as a unique key in a database.
When a dupe is encountered, you can't have two primary keys in a database, so it just dies with a fatal error, hence FireFox gives up connecting to the site and passes on the fatal error to be presented.
This is not a "fundamental NSS design issue", it's a political issue, Firefox is ACTIVELY refusing to let people access their network equipment.
Check also the firmware of your router:
It seems to me that it is VERY EASY for the server-side products that
generate these certificates to more-or-less fix the problem in updated
firmware with very little effort. Even simply randomizing the serial numbers
in the certs, they would nearly completely eliminate the problem, AFAICT. In
fact, it is worth making sure that the affected server-side hardware has
up-to-date firmware, because some vendors might have already fixed it on
their end already.
Possible workaround (which would work even after FF restart)
This is hardly any fix, but I installed a new Mozilla from scratch on a VM under Virtualbox.
I than browsed to all my local systems I was getting this error. On connecting from the new Window3s sytem running on VM to each local IP, I received the warning, and created the exception.
I than went in to Preferences>Advanced, and Exported all the certificates to a share on one of my NAS units.
I proceeded back to the broken Mozilla running on my Mac OS X 10.11.1, and I Imported all the certificates.
I then restarted FF, and connected to each device I was getting the error on, and I received the "This is an untrusted connection, Get me out of here, or would you like to create an exception." YES!!
I created the exception, and finally I could get to my firewalls, and all other local devices.
Other workaround:
Run: firefox --no-remote --ProfileManager
Create a new profile there.
Open a new instance of Firefox using the new profile. To run Firefox with the profile you can use the command from 1. or: firefox --no-remote -P profile_name
Do the actions there as if it was a separate installation of Firefox
We have been trying to submit an app to the iTunes store using Application Loader for three days and keep getting stuck at the "Authenticating with the iTunes store" step.
We have read many forums (including stackoverflow) and tried what was suggested:
making a new provisioning profile
using different or multiple versions of Application Loader
changing proxy settings
rebooting the Mac
uploading at a different time of the day, etc.
We have even left it running overnight and have not had success with getting past this step. Unfortunately, no feedback is given about what the issue may be, and we have not gotten any error messages. We have submitted multiple apps without any difficulty in the past but are completely stuck this time!
How were you able to solve it?
This only started happening to me today (May 2017) and no answers in this thread solved my issue. The resolution for me was from here;
https://forums.developer.apple.com/thread/76803
Open Terminal. Change to home directory,
cd ~
Move the current transporter directory,
mv .itmstransporter/ .old_itmstransporter/
Invoke the following file to let Transporter update itself.
"/Applications/Xcode.app/Contents/Applications/Application Loader.app/Contents/itms/bin/iTMSTransporter"
Wait till it updates, then open Xcode and attempt upload.
You have to agree to a new sign up in Application Loader. Select "Application Loader" under the "Xcode -> Open Developer Tool" menu (the first menu to the right of the Apple in the menu bar). Once you open Application Loader there will be a prompt to agree to new terms and then to login again into your iTunes account. After this any upload method will work.
Just wait. In a few minutes all will be ok.
Dec 10th 2019, Xcode Version 11.2.1, MacOS X 10.15.1
I was facing exactly same issue yesterday and I thought it might be network issues, at least it looks like so. But this morning I had tried couple different networks and several VPN connections, none of them is working!
The highest voted answer here asks me to reset a cache folder named .itmstransporter under my home dir, the run a program iTMSTransporter under a specific folder, but I can't find both of them.
But soon I figured that it is the cache folder for the people who uses the legacy uploader program: Application Loader, which is deprecated by Apple and can be no longer found in Xcode 11. Then I found that the latest Xcode has located iTMSTransporter here:
/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/itms/bin/iTMSTransporter
And its cache folder is here:
/Users/your_user_name/Library/Caches/com.apple.amp.itmstransporter/
I removed my existed cache folder, and run iTMSTransporter without any parameter, it soon started to output logs and download a bunch of files, and finished in 2 or 3 minutes. Then I tried again to upload my ipa file, it works!!!
CONCLUTION:
Either the old Application Loader, or the latest Xcode, uses a Java program iTMSTransporter to process the ipa file uploading.
To function correctly, iTMSTransporter requires a set of jar files downloaded from Internet and cached in your local folder.
If your cache is somehow broken, or doesn't exist at all, directly invoking iTMSTransporter with functional parameters such as --upload-app in our case, iTMSTransporter DOES NOT WARN YOU, NOR FIX CACHE BY ITSELF, it just gets stuck there, SAYS NOTHING AT ALL! (Whoever wrote this iTMSTransporter, you seriously need to improve your programming sense).
Invoking iTMSTransporter without any parameter fixes the cache.
A functional cache is about 65MB, at Dec 10th 2019 with Xcode Version 11.2.1 (11B500)
I was stuck at "Authenticating with the iTunes Store" today. I had used the same version and build number as a previous submission. After I updated the build number, the upload went fine. I don't know if it's related, or if it was a coincidence.
I had the same issue for months, I just removed hotspot shield and private tunnel applications from my computer and tried to upload my app and everything worked just fine. so I suggest if you have installed any VPN application on your computer, remove the application and then try uploading your app from either application loader or xcode's organizer.
Try answer mentioned in this Reference Link, it really worked for me and for others as well.
Mentioning answer here as well.
Open Terminal and run:
cd ~
mv .itmstransporter/ .old_itmstransporter/
"/Applications/Xcode.app/Contents/Applications/Application Loader.app/Contents/itms/bin/iTMSTransporter"
iTMSTransporter will then update itself, then you can try uploading in XCode again or via application loader.
There is no magic fix. Itunes is just working bad. Lately is having more and more issues and it takes more and more to update and send an ipa to the store.
I had this issue with AppLoader and Xcode organiser too and after trying multiple times it just went through.
Changing network connection helped.
Turned off wifi on my phone
Enabled 3G
Created HotSpot
Connected my mac to the hotspot and got through the authetication issue
In my case, I hadn't agreed to the newest Developer Agreement. Just run Application Loader once, click on [Accept] to agree, then quit the Application Loader and the Upload to App Store should work fine.
Following worked for me.
Open another instance of Application Loader.
( Select "Application Loader" under the "Xcode -> Open Developer Tool" menu)
"Agree" to the terms.
After completing Step 2. First instance of Application Loader proceeded to the next step and build got submitted.
I have also encounter the same issue. One possible solution is to go to Xcode -> Preferences -> Accounts and from the left menu select on App ID then click on the View Details and tap on the refresh button. while reloading you will get following error
The selected team's agent, 'ADMIN NAME' must agree to the latest
Program License Agreement.
If you will not get above error, Following solution will not work.
It means that you need to login into the developer account using Admin login and accept that latest agreement.
Then you will be able to upload binary on the app store.
The updated answer for Xcode 11.x.x and Transporter application, open terminal:
rm -rf ~/.itmstransporter/
"/Applications/Transporter.app/Contents/itms/bin/iTMSTransporter"
Wait a while
Problem solved!
I'm running MacOS Mojave 10.14.6, Xcode 11.3.1 and Transporter 1.1.1, and always got stuck at the Authentication with App Store stage, no matter how long I wait, I tried uploading using Xcode, using xcrun altool, Transporter, nada.
Finally I got it working by exporting the ipa file to a new Macbook (10.15.3, Xcode 11.3.1, Transporter 1.1.1), and used the Transporter app to upload it there.
The key difference is the Transporter tool on my new Macbook asked for a 6-digit code as authentication while the old Macbook did not, I suspect the authentication token on my old device expired but the system didn't ask for a new one when trying to upload the app. I had 2-FA enabled.
So I think forcing a manual re-authentication when you upload the app is the answer, the only other difference is the MacOS version, but I didn't test if it'll make a difference.
I solved the problem by removing ~/Library/Caches/com.apple.amp.itmstransporter.
For safety, renaming will be better,
cd ~/Library/Caches
mv com.apple.amp.itmstransporter com.apple.amp.itmstransporter.old
Then, xcrun altool uploaded my ipa successfully.
By the way, I'm using Xcode 11.x & 12.2, macOS Catalina.
In 2020 Dec, the fix did finally worked for me was restarting my mac.
Today I ran into this issue, on Xcode 11.2.1 I solved it by going to Xcode -> Preferences -> Accounts -> Tapped on the '-' next to my Apple ID, then signed in again. This fixed it for me!
In April 21, 2021, I followed #DawnSong's answer, outlined in the image below but I also restarted my Mac and voila it worked.
Spec
Xcode 12.4
macOS Big Sur 11.2.3
You may try to relogin your ITC account via Application Loader.
Just try a different Internet connection. I tried all the solutions above but none worked. However, when I tried using my cellular connection (instead of my DSL connection that stands behind a firewall), it worked immediately.
It might be a network issue. If you are running inside a virtual machine (e.g. VMWare or VirtualBox), try setting the network adapter mode from the default NAT to Bridged.
All i did was duplicate my Application Loader.app in /Applications and
ran both Application loaders at the same time.
this solution is out there, it used to work for me, but today not even that! what I did and worked is that (2 instances) + uploading with XCode (organizer). Had to try a couple of times and it worked.
hope this helps someone, this bug has been there for quite a lot of time now() an apple doesn't seem to care too much
Another reason could be that you have changed the machine from which you're submitting the app. Or the user account on the machine. The new machine may lack the private key and/or certificate for the App Store. Although a certificate with the correct name is displayed in Xcode.
In this case, go to https://developer.apple.com -> certificates, use the plus sign (+) to add a new certificate (distribution), and follow the steps to request a certificate for the private key on your current machine. After installing the certificate, authentication may work.
For me I tried almost all the suggestions given above but the problem still reoccurred after the first success in uploading to App store. Until I found this website. In summary, do the following
Open terminal
Run this command:
rm -rf ~/.itmstransporter/
“/Applications/Xcode.app/Contents/Applications/Application
Loader.app/Contents/itms/bin/iTMSTransporter”
Note: this command(which is different from others above) will delete your ITMSTansporter folder and create a new one and ensure that xcode is quitted before running this command.
3. Start Xcode and all should be well.
Using Xcode 12.3 Distribute App and xcodebuild both got stuck today at this point.
I finally was able to solve this. Peeking around my system I found 3 versions of iTMSTransporter.
Printing the version of each using ./iTMSTransporter -version gives the following results:
/Applications/Transporter.app/Contents/itms/bin/ has version 2.0.0
/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/bin/ has version 2.1.0
/usr/local/itms/bin/ has version version 1.9.3
So it looks that old version in /usr/local/itms was used by Xcode. After deleting /usr/local/itms I was able to upload my binary within Xcode 12.2 and using the xcodebuild command line tool.
Check your firewall
Network settings - (Check with network admin, usually they have blocked apple services unknowingly)
Check your system data/time.
I had same sort of issue, I resolved it by getting direct access to internet.
Also check Application Loader logs to see at which point it gets stuck.
I think I followed all the approaches given, but none worked for me.
My own approach that seems to work for me is to go thru the initial steps to upload a binary, then, after selecting the binary, do NOT click Send; instead close the window, and in the new window that will appear, start anew: hopefully it will go thru.
Found the solution:
I was uploading the build, Every activity went well except “Authenticating with the iTunes store”.
I disconnected my LAN cable and Connected my MAC with my mobile hotspot. and authentication problem was solved. If you have a limited internet plan then as soon as you pass authentication stage, again connect your LAN so that it will upload the app from you LAN cable's internet connection.
my upload failed each time when I uncheck the "include bitcode" option when uploading. So I checked the "include bitcode" option and upload went well.
Check your Firewall, If it is "On" then just Off it, then try
Every attempt to connect to Wired.com is met with a certificate error.
I've checked the usual suspects and even done things that probably have nothing to do with it.
Browsers tried
Safari=failed
Chrome=failed
Brave=failed
Firefox=success
Verified no Chrome extensions interfering (incognito w/ no approved incog extensions)
Same with Safari.
Flushed DNS
Rebooted
Time settings obv correct
I started to get paranoid thinking that something is hijacking my connection, but the only active ports I've got open and connected are... well, supposed to be open. And then the fact that it works with Firefox is even stranger. Firefox is my proxy browser, but it works via proxy w/out.
This is a recently upgraded Sierra machine. I'm not an avid wired reader, so I couldn't tell you if it was happening previously, but I can say I've got 4 other mac test machines here and none of them are experiencing the same issue.
Sierra vs Capitan doesn't make a difference. And this is now going on a 2 week issue. Wired appears to be literally the only site effected. At this point it's more a curiosity at getting to the bottom of this than anything else, since it does appear to be something isolated to this machine.
Also, I think we can rule out a CDN issue. As all my other machines are connecting from this same wanIP.
Man, just absolutely any suggestions for more internals I could go digging through to try and get to the bottom of this would be oh so greatly appreciated. Because I've about relegated myself to keyboard head smashing.
The problem (most likely) is caused due to recent issue at GlobalSign as they incorrectly revoked their cross-certificates. Full statament from GlobalSign: Certificate Revocation Issue
Thanks guys. That GlobalSign certificate was cached.
Removing the cache at
/var/db/crls worked
I backed it up first just in case, but sudo wiping the cache didn't cause any problems.
sudo rm /var/db/crls/crlcache*
sudo rm /var/db/crls/ocspcache.db*