Public-Key-Pins: The certificate used by the site was not issued by a certificate in the default root certificate store

RESOLVED INVALID

Status

()

Firefox
Untriaged
RESOLVED INVALID
a year ago
a year ago

People

(Reporter: vishal, Unassigned)

Tracking

49 Branch
All
Windows 7
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

a year ago
Created attachment 8841326 [details]
public key pins.JPG

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Steps to reproduce:

i opened biugbountyvis.brickftp.com on forefox 49.0.2 version and i seen some error in developer mode options.
error like this:
Public-Key-Pins: The certificate used by the site was not issued by a certificate in the default root certificate store. To prevent accidental breakage, the specified header was ignored.[Learn More]



Actual results:

A daemon that performs cryptographic operations on behalf of a client application in mozila firefox


Expected results:

A daemon that should not performs cryptographic operations on behalf of a client application.
(Reporter)

Updated

a year ago
OS: Unspecified → Windows 7
Hardware: Unspecified → All

Comment 1

a year ago
Everything seems to be working as intended here, and this is not a security bug that needs to be hidden. I can't reproduce on a more current version of Firefox (49 is old and no longer supported). It's possible this was fixed, or that your copy of Firefox has a different trust store and you're being MITM'd by e.g. your employer, school, or ISP. Either way, not a Firefox bug.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Last Resolved: a year ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.