Closed Bug 1180151 Opened 9 years ago Closed 9 years ago

Hosted WebApps with self-signed https certificate are unusable

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
38 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 433422

People

(Reporter: bugzilla.mozilla.org, Unassigned)

Details

Attachments

(1 file)

Screenshot-Firefox-WebApp-Invalid-Cert.png
84.27 KB, image/png
Details 
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150602115007

Steps to reproduce:

1. Visit a site with a self-signed certificate which hosts a webapp.
2. Permanently accept the self-signed certificate.
3. Install the WebApp (using JavaScript API)
4. Open the installed WebApp


Actual results:

An alert box saying "localhost:8080 uses an invalid security certificate." shows up (see screenshot).

The app is unusable because the page stays blank.


Expected results:

Instead of the alert box it would be better to show the same warning as in "normal" Firefox tabs. This gives the user to option to accept the cert.

Optionally: Auto-Accept the cert because the user has already accepted it in the browser.
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
Nightly 45.0a1 Build ID:20151208030226
and Firefox 42.0

Thank you for your comment. Are you still  getting the same issue in the latest version ?
Component: Untriaged → Security
Flags: needinfo?(marco_holz)
Yes. The error code changed to "Error code: <a id="errorCode" title="SEC_ERROR_UNKNOWN_ISSUER">SEC_ERROR_UNKNOWN_ISSUER</a>" but the behavior is the same.
Flags: needinfo?(marco_holz)
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: