Closed
Bug 1289516
Opened 8 years ago
Closed 8 years ago
Add option to honor or import certificate authorities from OS cert store
Categories
(Core Graveyard :: Security: UI, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1265113
People
(Reporter: brian, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0 Build ID: 20160604131506 Steps to reproduce: 1. Visit an https site using a certificate issued by a local certificate authority that exists in the OS certificate trusted authorities store. Actual results: Navigation is blocked by the Secure Connection Failed page. Individual sites can gradually be added as exceptions, but this probably disables ALL https cert chain validation for these sites. Expected results: Firefox should provide an option (disabled by default) that falls back to the OS' certificate authority list, or else provide a simple UI to import certs from that list in the Certificate Manager. Ideally, a button to enter this UI would appear on the Secure Connection Failed page, to allow possible remediation as easily as disabling https validation entirely for the site. Firefox should not require users to export certificates from the OS list then import the certificate file, as this tends to require too much technical knowledge. Likewise, Firefox should not make disabling all certificate validation for a site the path of least friction, as that tends to become the default behavior. Ideally, Firefox shouldn't even require the user to know which certificates from the OS cert store should be used.
I'm assuming from your user agent you're on Windows. Luckily, this will soon be available for your platform - see bug 1265113 (it's been implemented but hasn't shipped in a release version yet).
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•