Closed Bug 1035064 Opened 10 years ago Closed 10 years ago

Unable to add exception for SSL self signed cert

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
33 Branch
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1034270

People

(Reporter: anshprat, Unassigned)

Details

(Keywords: regression, reproducible, testcase) 

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:33.0) Gecko/20100101 Firefox/33.0 (Beta/Release)
Build ID: 20140706030226

Steps to reproduce:

Go to a site with self signed certificate (in my case it was a LAN site)



Actual results:

Firefox gives the error as expected. Hoever clicking on Add Exception button is a noop. I can click on the button but nothing happens. I tried this in safe mode as well.

Giving the full text of the failure underneath:

This Connection is Untrusted

You have asked Nightly to connect securely to 192.168.5.250:8443, but we can't confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do?

If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.

192.168.5.250:8443 uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is only valid for Common Name (eg, YOUR name) (Error code: sec_error_unknown_issuer)

If you understand what's going on, you can tell Nightly to start trusting this site's identification. Even if you trust the site, this error could mean that someone is tampering with your connection.

Don't add an exception unless you know there's a good reason why this site doesn't use trusted identification.


Expected results:

The Add Exception button should allow me to accept the cert and proceed.
Testcase found through google: https://tv.eurosport.com/ . I can reproduce this. This: http://mxr.mozilla.org/mozilla-central/source/browser/base/content/browser.js#2329 is expecting to access aOwnerDoc, which patently doesn't exist in that scope.

I find myself wishing, once more, we had static analysis for this kind of stuff...
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: regression, reproducible, testcase
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.