1241447 - Firefox on android does not allow proper download of already known certificates

Status: RESOLVED DUPLICATE of bug 1024871

(Firefox for Android Graveyard :: General, defect)

Description

[Jonas Thiem]

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:46.0) Gecko/20100101 Firefox/46.0
Build ID: 20160119030232
Firefox for Android

Steps to reproduce:

1. Browse to https://www.pki.dfn.de/fileadmin/PKI/zertifikate/deutsche-telekom-root-ca-2.crt
2. Attempt to download

Why would I need to do that with the certificate already being known to my android? The reason is that it is only known/registered as a VPN certificate, not for WLAN use. To fix that, tutorials on the web suggest reimporting it with another name for WLAN use. However, that is made impossible by firefox refusing to download known certificate files again, even when the exact URL is specified by the user.


Actual results:

"This certificate is already installed as a certificate authority"


Expected results:

Download of the file starts to the "Downloads" folder, or I am offered an import of the certificate under some name different than the existing entry

Comment 1

[:Gijs (he/him)]

This isn't a security issue, and is basically a duplicate of bug 1098183 but with an existing certificate. Looks most likely to be fixed by fixing bug 1024871.

Comment 2

[Jonas Thiem]

Well it is, because now I'm unable to import my certificate properly. Reportedly this works fine with other browsers (I asked some other android users), but because I'm on Cyanogenmod without Google Apps, firefox is my main browser and I don't use any others.

So it does make this particular security detail harder to do right for the user than it should be.

Comment 3

[Jonas Thiem]

(Please note the import functionality wouldn't need to be removed to fix this, it would be enough to display a simple dialog offering either a download or a direct import of the cert)

Comment 5

[miralobontiu]

Taking into consideration Comment 1, I will close this issue as Duplicate.