Closed Bug 1472375 Opened 6 years ago Closed 6 years ago

Allow ESR version to accept corporate self-signed certificate

Categories

(Toolkit :: Add-ons Manager, defect)

Product:
Toolkit
Component:
Add-ons Manager
Version:
60 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: u608644, Unassigned)

References

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0 Build ID: 20100101 Steps to reproduce: 1. Install Firefox ESR on company computers. 2. Install company's unsigned add-on[internal use only] (xpi.signature.required = false) 3. After installation, right-clik the add-on and check for update. Actual results: addons.update-checker WARN Request failed: https://corporate.internal/addon_update.json - [Exception... "Certificate issuer is not built-in." nsresult: "0x80004004 (NS_ERROR_ABORT)" location: "JS frame :: resource://gre/modules/CertUtils.jsm :: checkCert :: line 163" data: no] Expected results: We already added https://corporate.internal/'s Root certificate as trust chain, so Firefox never complain when we visit https://corporate.internal/. I want you to accept https://(self-signed & already trusted) address ad manifest.json - update_url.
"as" manifest.json. "applications":{..."update_url":"https://corporate.internal/...
Component: Untriaged → Add-ons Manager
Product: Firefox → Toolkit
We won't be changing the existing behavior. In bug 1303183 we intend to move to signed content instead of realying on a pinned certificate for the underlying TLS connection. In the mean time, you can set the preference extensions.update.requireBuiltInCerts to false to skip that check.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
See Also: → 1303183
You need to log in before you can comment on or make changes to this bug.