Closed Bug 478938 Opened 15 years ago Closed 7 years ago

Add ability to choose client certs

Categories

(Firefox for Android Graveyard :: General, defect)

Product:
Firefox for Android Graveyard
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(fennec1.0-)

Status:
RESOLVED DUPLICATE of bug 845375
Tracking Flags:
Tracking Status
fennec 1.0- ---

People

(Reporter: madhava, Unassigned)

References

Details

Attachments

(1 file)

Screenshot of current (desktop) cert selection on Android
61.55 KB, image/png
Details 
See here for a mockup/wireframe:

https://wiki.mozilla.org/Mobile/UI/Designs/TouchScreen/workingUI#Client_Certificates

Especially for users in Europe, we should provide a mechanism so that users can choose a client-side certificate when prompted for identification by a website.
Flags: wanted-fennec1.0?
tracking-fennec: --- → ?
tracking-fennec: ? → 1.0-
Flags: wanted-fennec1.0? → wanted-fennec1.0+
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
verified as duplicate
Status: RESOLVED → VERIFIED
Client-certificates were not addressed by the resolution of bug 436076.  Reopening this bug to track client-side certificate UI.
Status: VERIFIED → REOPENED
Resolution: DUPLICATE → ---
with recent comments on the internet about how Android users are stuck with the recently revoked Diginotar certs for some time (i've read that only an OTA can update the cert store for the stock Android), it might be worth taking another look at implementing this ?
(In reply to Ian Melven :imelven from comment #5)
> with recent comments on the internet about how Android users are stuck with
> the recently revoked Diginotar certs for some time (i've read that only an
> OTA can update the cert store for the stock Android), it might be worth
> taking another look at implementing this ?

oops, never mind this is about client certs - ignore that !

(i still think client certs in Fennec would be a cool feature though.. )
Flags: wanted-fennec1.0+
Product: Fennec → Firefox for Android
I really needed this functionality so I looked around for workarounds. I found this [1] thread on the support forum. There are two solutions listed, one involving an extension (outdated) and one involving modifying cert9.db and key4.db on the desktop.

I tried the second solution and Firefox started to present the cert chooser from desktop Firefox. I am unable to press the OK button there, but after setting "security.default_personal_cert" to "Select Automatically" in about:config it just selects the cert without asking. Hope this information is useful for other users.

It would still be great to have this functionality supported out of the box. In the meanwhile, having a Android binary of p12util would be useful. Can it be compiled on Android/ARM?

[1] https://support.mozilla.org/en-US/questions/786035?s=certificate&as=s
bug 845375 addresses the issue of being unable to press the OK button. It has been committed and I would guess it should be available in nighties. Not sure when it would hit aurora, beta etc. 

This modified version of the cert manager plugin allows you to install a p12 client cert file:- https://dl.dropbox.com/u/284659/cert-manager.xpi

I would be interested in getting involved in helping sort out proper support for managing client certs.
Bug 845375 added native, working UI that fixes what this bug was originally filed for (selecting client certs).

Importing client certs I believe can be done through add-ons (AddCertificate etc).
The bug for adding built in UI for importing client certs is Bug 868370.
Status: REOPENED → RESOLVED
Closed: 15 years ago7 years ago
Resolution: --- → DUPLICATE
There is no add-on that will allow importing certificates for recent versions of Fennec (> 13, we are right in the 50 range), so we are still unable to use certificates in mobile Firefox :(
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: