Closed Bug 1109773 Opened 11 years ago Closed 11 years ago

self signed certificate does not get accepted

Categories

(Core Graveyard :: Security: UI, defect)

33 Branch
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: nsm, Unassigned)

Details

STR:
1) Visit https://webmail.daiict.ac.in (This is a college in India)
2) Get invalid cert page
3) Click "Add Exception", click "Confirm..." (it does not matter if "Permanently..." is checked or not, both cases still cause the bug).
4) Exception is not really added, the error page still keeps showing.
The certificate itself is being stored in the browser as an exception, as seen through prefs -> advanced -> certs -> view certs (under servers tab - DAIICT), but the rule doesn't seem to be obeyed. This problem is present on Nightly (37) and also being encountered by my professor on Firefox 33. Interestingly, the cert for another self signed website - https://www.climbfind.com, does not exhibit the same problems. It loads fine after accepting the certificate. Sounds somewhat like bug 576516, but that is a really old bug.
The same error does not manifest in a private browsing window, where accepting the cert redirects to the website.
Every time I connect to https://webmail.daiict.ac.in, it gives me a certificate with a different serial number. The way certificate exceptions work in Firefox is essentially by pinning the certificate sent by the server to the given host/port. If the server sends a different certificate each time, there's no way to do that. I don't know why it works in private browsing mode - maybe the server decides to actually only use one certificate in that case. Anyway, long story short is that site is broken. In addition to not using a different certificate for each connection, they should get a certificate issued by a public certificate authority. There are plenty of affordable options available.
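The diagnosis in the comment above (a server handing out a different certificate on each connection defeats a per-host/port exception) can be checked from the administrator's side. The following Python is an added example, not part of the original bug report or of Firefox's code; it models an exception as (host, port) mapped to the SHA-256 fingerprint of the accepted certificate, which is an assumption, and the host name mail.example.test and the byte strings standing in for certificates are constructed.

```python
import hashlib
import itertools
import socket
import ssl


def fetch_leaf_der(host, port=443, timeout=5.0):
    """Return the DER-encoded certificate the server presents on a fresh connection."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # inspection only: an untrusted cert must not
    ctx.verify_mode = ssl.CERT_NONE  # abort the handshake before we can read it
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def fingerprint(der):
    """SHA-256 over the whole certificate: a new serial number changes it."""
    return hashlib.sha256(der).hexdigest()


def stability_report(host, port=443, attempts=5, fetch=fetch_leaf_der):
    """Connect `attempts` times and report how many distinct certificates were seen."""
    seen = [fingerprint(fetch(host, port)) for _ in range(attempts)]
    return {"attempts": attempts, "distinct": len(set(seen)), "stable": len(set(seen)) == 1}


def simulate_exception(host, port=443, visits=3, fetch=fetch_leaf_der):
    """Model an exception as (host, port) -> fingerprint of the cert accepted on the
    first visit (an assumption); return whether each later visit still matches it."""
    pins = {(host, port): fingerprint(fetch(host, port))}
    return [pins[(host, port)] == fingerprint(fetch(host, port)) for _ in range(visits)]


if __name__ == "__main__":
    # Constructed stand-ins for two servers (byte strings in place of real DER);
    # drop the fetch= argument to test a live host you administer.
    counter = itertools.count(1)
    rotating = lambda h, p: b"constructed-cert-serial-%d" % next(counter)
    fixed = lambda h, p: b"constructed-cert-serial-1"
    for name, fetch in (("rotating", rotating), ("fixed", fixed)):
        print(name, stability_report("mail.example.test", fetch=fetch),
              simulate_exception("mail.example.test", fetch=fetch))
```

A report with "distinct" greater than 1 means any stored exception will stop matching on the next connection, which is the symptom in this bug.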
I can confirm that the same problem happens in Chromium (39). I'll try contacting the administrator of the domain.
This has been resolved by the administrator of the domain. Thanks!
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
Product: Core → Core Graveyard