Closed Bug 1426107 Opened 6 years ago Closed 6 years ago

Import of expired certificate fails

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
52 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1257403

People

(Reporter: jan.skarvall, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0
Build ID: 20171129230835

Steps to reproduce:

I tried to install a users certificate that has expired under the People tab.


Actual results:

I get an alert: The certificate can't be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have been expired or been revoked, or the certificate might not have been approved.


Expected results:

The certificate should have been imported.

Without being able to import it, it is not possible to verify signatures that was created using the expired certificate. See also http://kb.mozillazine.org/Message_security#Expired_Certificate.

(In fact I do not understand why keeping the expired certificate to be able to verify the signature is necessary. Why can't I verify old signatures with a renewed certificate, i.e. with the same public key?)
Yes, it's the same in Firefox. In fact, Thunderbird uses Mozilla core software for this. So let's move this to the Firefox queue.
Product: Thunderbird → Firefox
Try with beta? bug 1257403 may have fixed this.
Flags: needinfo?(jan.skarvall)
I tried with Thunderbird Beta Version 58.0b2 (64-bit). Import of expired certificates works with that version.
Flags: needinfo?(jan.skarvall)
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.