Closed Bug 1090844 Opened 10 years ago Closed 3 years ago

Deleting certificate (or cert8.db) is not enough, you have to clear the cache too

Categories

(Core :: Security, defect)

33 Branch
x86_64
Windows 8.1
defect
Not set
normal

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: otahal, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0 SeaMonkey/2.30
Build ID: 20141013232806

Steps to reproduce:

vmware vcenter appliance.
Go to https://IP:5580
Accept the certificate.
Then regenerate the vmware appliance certificate.
Delete the old certificate from the browser.
Restart the browser.
Go to https://IP:5580 again.
Firefox (and Seamonkey) don't ask for "accept certificate" although the certificate was changed AND deleted.
Now, when entering user and password you get "Unable to connect to server. Please try again."
The reason: https://communities.vmware.com/message/2358646 is still valid.
Deleting cert8.db does not work either.
The final solution is: Delete the browser cache too!
Thanks for costing me a few hours of my life....


Actual results:

Unable to login into a https site after changing the server certificate. Even though the old certificate was deleted from browser control panel and the browser was restarted the browser still uses the old certificate from the cache.


Expected results:

When deleting the certificate from the Firefox / Seamonkey control panel it should NOT reuse the data from the browser cache, this is clearly a wrong behaviour.

This is similar to the comment at:
https://bugzilla.mozilla.org/show_bug.cgi?id=936304#c12
which pointed me in the right direction.
Component: Untriaged → Security
Product: Firefox → Core
The recent incident with Lenovo and Superfish made this bug obvious again.

This bug is still valid, however I don't come across anything nowadays which triggers the problem. VmWare, which caused this most of the time, has moved on. From my point of view this bug can be marked with "Out of date, not valid any more"

Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.