Closed Bug 1115566 Opened 10 years ago Closed 9 years ago

Unable to get a certificate (imap, smtp)

Categories

(SeaMonkey :: MailNews: Account Configuration, defect)

Product:
SeaMonkey
Component:
MailNews: Account Configuration
Version:
SeaMonkey 2.31 Branch
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(seamonkey2.32 affected, seamonkey2.33 affected, seamonkey2.34 affected, seamonkey2.35 fixed, seamonkey2.36 fixed, seamonkey2.37 fixed, seamonkey2.38 fixed, seamonkey2.39 fixed)

Status:
RESOLVED FIXED
Milestone:
seamonkey2.39
Tracking Flags:
Tracking Status
seamonkey2.32 --- affected
seamonkey2.33 --- affected
seamonkey2.34 --- affected
seamonkey2.35 --- fixed
seamonkey2.36 --- fixed
seamonkey2.37 --- fixed
seamonkey2.38 --- fixed
seamonkey2.39 --- fixed

People

(Reporter: terraluna977, Assigned: neil)

References

Details

Attachments

(3 files)

The 2.31 dialog box
30.06 KB, image/jpeg
Details
The 2.30 dialog box enabling to Confirm Security Exception
38.23 KB, image/jpeg
Details
patch from releases/comm-beta/rev/673ba79dc3f4
940 bytes, patch
iannbugzilla
: review+
iannbugzilla
: approval-comm-aurora+
iannbugzilla
: approval-comm-beta+
iannbugzilla
: approval-comm-release+
Details | Diff | Splinter Review
Attached image The 2.31 dialog box 
User Agent: Mozilla/5.0 (X11; Linux i686; rv:34.0) Gecko/20100101 Firefox/34.0 SeaMonkey/2.31
Build ID: 20141202221108

Steps to reproduce:

Starting with 2.31 the Seamonkey is unable to get an imap (nor smtp) certificate from an imap server, and as a result I can not use "Confirm Security Exception" button.


Actual results:

Message "Unable to obtain identification status for the given site".
The "Conform Security Exception" button greyed out.


Expected results:

In 2.30 and earlier I see a "View..." button, and can confirm that the self-signed cert is OK.
Component: General → MailNews: Account Configuration
Same problem present in 2.32b2
And it is not fixed in 2.32b3... 8-(
Also broken in 2.32
It is unable to "Get Certificate" - the button is not doing anything ...
As a result I can not "View" nor "Confirm Security Exception"
Upgraded to critical, as all mail subsystem is not functional.
Severity: normal → critical
I'm seeing this as well.

In the Error Console, I see the following errors:

Timestamp: 1/23/2015 3:22:35 PM
Error: mail_server_ip:143 uses an invalid security certificate.

The certificate is not trusted because no issuer chain was provided.
The certificate is only valid for mail_server_ip

(Error code: sec_error_unknown_issuer)

Timestamp: 1/23/2015 3:22:35 PM
Error: Attempted to connect to a site with a bad certificate in the add exception dialog. This results in a (mostly harmless) exception being thrown. Logged for information purposes only: [Exception... "Establishing a connection to an unsafe or otherwise banned port was prohibited"  nsresult: "0x804b0013 (NS_ERROR_PORT_ACCESS_NOT_ALLOWED)"  location: "JS frame :: chrome://pippki/content/exceptionDialog.js :: checkCert :: line 109"  data: no]
Source File: chrome://pippki/content/exceptionDialog.js
Line: 115
Status: UNCONFIRMED → NEW
Ever confirmed: true
Import server cert via manager doesn't help. The same exceptionDialog pops up.

Setting network.security.ports.banned.override to "143" in about:config changes error message in JS console to "ssl_error_rx_record_too_long".
Problem present in 2.32.1
Same problem in 2.33b1
I have started copying to the .mozilla/seamonkey/salt/ directory the cert_override.txt file from a 2.31 seamonkey installation, that seems to be enough to permit the connection. So basically the method to create the cert_override.txt file is missing in 2.32 / 2.33
WAG: Try backing out the three patches in https://bugzilla.mozilla.org/show_bug.cgi?id=1085509#c24
Flags: needinfo?(ewong)
Flags: needinfo?(ewong)
OS: Linux → All
Hardware: x86 → All
Whoops, this is my fault.

I fixed bug 1059476 for SeaMonkey 2.31, and uplifted it to 2.30, but there was a typo in it; I pushed a typo fix but only in the 2.30 branch so 2.31 and later don't have the fix :-(
http://hg.mozilla.org/releases/comm-beta/rev/673ba79dc3f4 is the typo fix that needs to be landed on trunk and all branches.
Blocks: 1059476
Comment on attachment 8642212 [details] [diff] [review]
patch from releases/comm-beta/rev/673ba79dc3f4

[Approval Request Comment]
Regression caused by (bug #): 1059476
User impact if declined: cannot get certificate in imap/smtp
Testing completed (on m-c, etc.): 
Risk to taking this patch (and alternatives if risky): none
String changes made by this patch: none
Attachment #8642212 - Flags: approval-comm-release?
Attachment #8642212 - Flags: approval-comm-beta?
Attachment #8642212 - Flags: approval-comm-aurora?
Assignee: nobody → neil
Status: NEW → ASSIGNED
Comment on attachment 8642212 [details] [diff] [review]
patch from releases/comm-beta/rev/673ba79dc3f4

[Triage Comment]
r=me and a=me for all branches (including esr38 if needed) and for CLOSED TREE
Attachment #8642212 - Flags: review?(iann_bugzilla)
Attachment #8642212 - Flags: review+
Attachment #8642212 - Flags: approval-comm-release?
Attachment #8642212 - Flags: approval-comm-release+
Attachment #8642212 - Flags: approval-comm-beta?
Attachment #8642212 - Flags: approval-comm-beta+
Attachment #8642212 - Flags: approval-comm-aurora?
Attachment #8642212 - Flags: approval-comm-aurora+
status-seamonkey2.35: affectedfixed
status-seamonkey2.36: --- → fixed
status-seamonkey2.37: --- → fixed
status-seamonkey2.38: --- → fixed
status-seamonkey2.39: --- → fixed
Target Milestone: --- → seamonkey2.39
Pushed to comm-release SEAMONKEY_2_35_RELEASE_BRANCH
http://hg.mozilla.org/releases/comm-release/rev/ded408137138
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Seems working OK on 2.35 Seamonkey
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: