Closed Bug 1374782 Opened 7 years ago Closed 7 years ago

Imported CA certificate is delete after each reboot

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Version:
54 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: eiopago47, Unassigned, NeedInfo)

Details

(Keywords: dataloss)

Attachments

(1 file)

Before-After Reboot.JPG
77.49 KB, image/jpeg
Details
Attached image Before-After Reboot.JPG 
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0
Build ID: 20170608105825

Steps to reproduce:

I run a transparent squid proxy server in my company
Every user to be able to access https websites has to import our own CA certificate in Firefox for squid to incercept.



Actual results:

Since the update to Firefox 54 (64 bit), https sites are accessible right after importing our CA certificate but after each reboot of a computer the certificate disappears from Firefox and has to be re-imported.
Because of this we get the following error when opening https sites:




Expected results:

Our CA certificate should not be deleted.

I have tried to refresh Firefox but the behaviour is the same.
This is the error we get:

Your connection is not secure

The owner of www.facebook.com has configured their web site improperly. To protect your information from being stolen, Firefox has not connected to this web site.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
Component: Untriaged → Disability Access APIs
Keywords: dataloss
Product: Firefox → Core
Oops...
Component: Disability Access APIs → Security: PSM
Some things to check:
* Do you have any add-ons installed that may be removing the added certificate?
* Is the user's profile getting cleared for some reason between runs of Firefox?
* How are you adding the certificate? (e.g. via the certificate manager?)
Flags: needinfo?(eiopago47)
Hi David,

Some answers for you:

1- No add-ons
2- Not between runs of Firefox, but after each reboot of the computer the profile folder in C:\Users\fred\AppData\Roaming\Mozilla\Firefox\Profiles has a different name.
3- The certificate is added via the certificate manager (as shown in the attachement I sent when I reported the bug)
Flags: needinfo?(eiopago47)
Thanks! Are other settings saved? For example, bookmarks or open tabs? (e.g. if you configure Firefox to "show your windows and tabs from last time")
Flags: needinfo?(eiopago47)
All those settings are saved. I can restore the previous session no problem and bookmarks are saved too.
Flags: needinfo?(eiopago47)
Hmmm. To expand on comment 4 a bit, when and why does the profile location change? If you run Firefox once, import the certificate, and run Firefox again (without restarting your computer), does it work as expected? If so, it would seem that another process outside of Firefox's control might be messing with your profile directory and causing this behavior.
Flags: needinfo?(eiopago47)
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: