Closed
Bug 1089864
Opened 10 years ago
Closed 8 years ago
(Error code: sec_error_unknown_issuer) when ESET SMART SECURITY 8 "Always scan SSL protocol" is enabled
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1265113
People
(Reporter: alice0775, Unassigned)
References
()
Details
(Whiteboard: [parity-Chrome][parity-IE])
Steps to reproduce:
1. Install ESET SMART SECURITY 8
2. Advanced setup > Web and email > Protocol filtering > SSL
Check "Always scan SSL protocol", then OK
3.Start Firefox
4. Open about:addons , then Select "Get Add-ons" Pane
OR https://bugzilla.mozilla.org/ etc
Actual Results
Error code: sec_error_unknown_issuer
|
||
Comment 1•10 years ago
|
||
This sounds like ESET man-in-the-middles everything with a cert signed by an unknown authority. It's probably ESET's job to put the relevant CA in the cert store, and even then I'd be surprised if this worked with cert pinning etc... Not really sure what the expected behaviour here would be. Alice, what do you think we should be doing?
Flags: needinfo?(alice0775)
|
Reporter | |
Comment 2•10 years ago
|
||
Honestly, I think there is a responsibility to ESET. Firefox fails to connect https://www.google.com . However, Chrome and IE can connect https://www.google.com . So, Mark [parity-Chrome][parity-IE]. Fortunately, The "scan SSL protocol" is not default setting of ESET.
Flags: needinfo?(alice0775)
Whiteboard: [parity-Chrome][parity-IE]
|
||
Updated•10 years ago
|
Component: General → Security: PSM
Product: Firefox → Core
My thoughts are that this is FF issue. We have same problems in our selfdeveloped application for sniffing https traffic (MITM yes, but sertificate was corractly created via cert center). Everything works fine with chrome and IE, only FF have problems (sec_error_unknown_issuer). So, if every browser telling us that our sert is correct, and only FF told that it is not, i think this is defect of FF not others... .
|
||
Comment 5•9 years ago
|
||
¡Hola Alice! Would it be possible for you to attach the problematic certificate from ESET to this bug? Confirming as a user popped with this issue on IRC at #firefox ¡Gracias! Alex
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(alice0775)
|
|
||
Updated•9 years ago
|
|
|
||
Updated•9 years ago
|
Has STR: --- → yes
|
|
Reporter | |
Comment 6•9 years ago
|
||
Sorry, I do not have a test environment now.....
Flags: needinfo?(alice0775)
This should be fixed by bug 1265113 (and setting the new pref "security.enterprise_roots.enabled" to true).
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•