Closed Bug 1237672 Opened 9 years ago Closed 8 years ago

FF 43.0.4 Error code: sec_error_bad_signature, no way to diagnose or proceed. Still broken on Firefox 46.0.1.

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
46 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 943937

People

(Reporter: g6330120, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0 Build ID: 20160105164030 Steps to reproduce: Updated to Firefox 43.0.4, because it is supposed to allow access to sites with certs signed by SHA-1 Actual results: Site will not render, offers no diagnostic info, and no way to override. Error code: sec_error_bad_signature Only option is "Try Again" button which appears useless, and "Report Error", which sounds like it is entirely the wrong idea. Only workaround I see is to tell all users to migrate away from firefox. I like firefox, and do not want to abandon it. But I am struggling to find any workaround at all; it did not used to break this badly on cert issues. Expected results: Should have given some indication what the problem is. - Is SHA-1 support still broken? - Does it have trouble with the cert? - Does it not like the cert's signature? - Does it think the cert is expired? - Does it not like the signing cert? It should give some way to display the cert details, and the root cert details if that is what it is upset about. It should give some way to access the site.
Component: Untriaged → Security: UI
Product: Firefox → Core
Summary: FF 43.0.4 Error code: sec_error_bad_signature, no way to diagnose or proceed → FF 43.0.4 Error code: sec_error_bad_signature, no way to diagnose or proceed. Still broken on Firefox 46.0.1.
Version: 43 Branch → 46 Branch
Just discovered this is still broken on firefox 46.0.1. Possibly related to other open SSL bugs: * https://bugzilla.mozilla.org/show_bug.cgi?id=403220 * https://support.mozilla.org/it/questions/1013113 * https://bugzilla.mozilla.org/show_bug.cgi?id=1050302 about:config does not have an entry for "security.use_mozillapkix_verification", so that workaround is apparently not available.
If I'm understanding the purpose of this bug, it's to have Firefox display some more helpful information when the user encounters a fatal certificate verification error (of which sec_error_bad_signature is one). If so, then this should be fixed by bug 943937.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.