Closed Bug 102006 Opened 23 years ago Closed 8 years ago

Connecting to a site whose SSL cert is revoked.

Categories

(Core Graveyard :: Security: UI, defect, P2)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: lgopal, Unassigned)

References

Details

(Whiteboard: [kerh-coz]) 

Build : 20010927
Setup CMS server
1.Create two cMS server instances CA1 CA2. CA1 is root CA .
CA2 ca signing cert and SSL server cert should be both signed by CA1. 
2. Go to CA1 agent page and put CA4's ssl server cert on hold. Update the
revocation list in CA1.

From browser .
1. Create a new profile "Test".
2. Connect to a CA2 SSL server port.
  ( Note : This  cert is revoked.) . The certificate manager page shows up.
3. Connect to CA1's EE page and Import the latest CRL.
4. Clear Disk and memory cache using EDIT->PREFERENCES.
5. Restart the browser. Connect to CA2 SSL server port. The Certificate manager
page shows up.

correct behaviour :  should  not  connect to CA2 SSL server port.
Priority: -- → P1
Summary: Connecting to a site whose SSL cert is revoked. → Connecting to a site whose SSL cert is revoked.
Target Milestone: --- → 2.1
Priority: P1 → P2
Target Milestone: 2.1 → Future
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody
Mass change "Future" target milestone to "--" on bugs that now are assigned to
nobody.  Those targets reflected the prioritization of past PSM management.
Many of these should be marked invalid or wontfix, I think.
Target Milestone: Future → ---
Product: PSM → Core
Whiteboard: [kerh-coz]
QA Contact: junruh → ui
Version: psm2.1 → 1.0 Branch
Bug 867465 removed support for CRLs.
=> INVALID now.
Status: NEW → RESOLVED
Closed: 8 years ago
Depends on: 867465
Resolution: --- → INVALID
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.