Closed Bug 1115566 Opened 5 years ago Closed 4 years ago

Unable to get a certificate (imap, smtp)

Categories

(SeaMonkey :: MailNews: Account Configuration, defect, critical)

SeaMonkey 2.31 Branch
defect
Not set
critical

Tracking

(seamonkey2.32 affected, seamonkey2.33 affected, seamonkey2.34 affected, seamonkey2.35 fixed, seamonkey2.36 fixed, seamonkey2.37 fixed, seamonkey2.38 fixed, seamonkey2.39 fixed)

RESOLVED FIXED
seamonkey2.39
Tracking Status
seamonkey2.32 --- affected
seamonkey2.33 --- affected
seamonkey2.34 --- affected
seamonkey2.35 --- fixed
seamonkey2.36 --- fixed
seamonkey2.37 --- fixed
seamonkey2.38 --- fixed
seamonkey2.39 --- fixed

People

(Reporter: terraluna977, Assigned: neil)

References

Details

Attachments

(3 files)

Attached image The 2.31 dialog box
User Agent: Mozilla/5.0 (X11; Linux i686; rv:34.0) Gecko/20100101 Firefox/34.0 SeaMonkey/2.31
Build ID: 20141202221108

Steps to reproduce:

Starting with 2.31 the Seamonkey is unable to get an imap (nor smtp) certificate from an imap server, and as a result I can not use "Confirm Security Exception" button.


Actual results:

Message "Unable to obtain identification status for the given site".
The "Conform Security Exception" button greyed out.


Expected results:

In 2.30 and earlier I see a "View..." button, and can confirm that the self-signed cert is OK.
Component: General → MailNews: Account Configuration
Same problem present in 2.32b2
And it is not fixed in 2.32b3... 8-(
Also broken in 2.32
It is unable to "Get Certificate" - the button is not doing anything ...
As a result I can not "View" nor "Confirm Security Exception"
Upgraded to critical, as all mail subsystem is not functional.
Severity: normal → critical
I'm seeing this as well.

In the Error Console, I see the following errors:

Timestamp: 1/23/2015 3:22:35 PM
Error: mail_server_ip:143 uses an invalid security certificate.

The certificate is not trusted because no issuer chain was provided.
The certificate is only valid for mail_server_ip

(Error code: sec_error_unknown_issuer)

Timestamp: 1/23/2015 3:22:35 PM
Error: Attempted to connect to a site with a bad certificate in the add exception dialog. This results in a (mostly harmless) exception being thrown. Logged for information purposes only: [Exception... "Establishing a connection to an unsafe or otherwise banned port was prohibited"  nsresult: "0x804b0013 (NS_ERROR_PORT_ACCESS_NOT_ALLOWED)"  location: "JS frame :: chrome://pippki/content/exceptionDialog.js :: checkCert :: line 109"  data: no]
Source File: chrome://pippki/content/exceptionDialog.js
Line: 115
Status: UNCONFIRMED → NEW
Ever confirmed: true
Import server cert via manager doesn't help. The same exceptionDialog pops up.

Setting network.security.ports.banned.override to "143" in about:config changes error message in JS console to "ssl_error_rx_record_too_long".
Problem present in 2.32.1
Same problem in 2.33b1
I have started copying to the .mozilla/seamonkey/salt/ directory the cert_override.txt file from a 2.31 seamonkey installation, that seems to be enough to permit the connection. So basically the method to create the cert_override.txt file is missing in 2.32 / 2.33
WAG: Try backing out the three patches in https://bugzilla.mozilla.org/show_bug.cgi?id=1085509#c24
Flags: needinfo?(ewong)
Flags: needinfo?(ewong)
OS: Linux → All
Hardware: x86 → All
Whoops, this is my fault.

I fixed bug 1059476 for SeaMonkey 2.31, and uplifted it to 2.30, but there was a typo in it; I pushed a typo fix but only in the 2.30 branch so 2.31 and later don't have the fix :-(
http://hg.mozilla.org/releases/comm-beta/rev/673ba79dc3f4 is the typo fix that needs to be landed on trunk and all branches.
Blocks: 1059476
Comment on attachment 8642212 [details] [diff] [review]
patch from releases/comm-beta/rev/673ba79dc3f4

[Approval Request Comment]
Regression caused by (bug #): 1059476
User impact if declined: cannot get certificate in imap/smtp
Testing completed (on m-c, etc.): 
Risk to taking this patch (and alternatives if risky): none
String changes made by this patch: none
Attachment #8642212 - Flags: approval-comm-release?
Attachment #8642212 - Flags: approval-comm-beta?
Attachment #8642212 - Flags: approval-comm-aurora?
Assignee: nobody → neil
Status: NEW → ASSIGNED
Comment on attachment 8642212 [details] [diff] [review]
patch from releases/comm-beta/rev/673ba79dc3f4

[Triage Comment]
r=me and a=me for all branches (including esr38 if needed) and for CLOSED TREE
Attachment #8642212 - Flags: review?(iann_bugzilla)
Attachment #8642212 - Flags: review+
Attachment #8642212 - Flags: approval-comm-release?
Attachment #8642212 - Flags: approval-comm-release+
Attachment #8642212 - Flags: approval-comm-beta?
Attachment #8642212 - Flags: approval-comm-beta+
Attachment #8642212 - Flags: approval-comm-aurora?
Attachment #8642212 - Flags: approval-comm-aurora+
Target Milestone: --- → seamonkey2.39
Pushed to comm-release SEAMONKEY_2_35_RELEASE_BRANCH
http://hg.mozilla.org/releases/comm-release/rev/ded408137138
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Seems working OK on 2.35 Seamonkey
You need to log in before you can comment on or make changes to this bug.