Closed
Bug 1491664
Opened 6 years ago
Closed 6 years ago
"ImportEnterpriseRoots": false does not work
Categories
(Firefox :: Enterprise Policies, defect, P1)
Tracking
()
RESOLVED
FIXED
Firefox 64
Tracking | Status | |
---|---|---|
firefox64 | --- | fixed |
People
(Reporter: soeren.hentzschel, Assigned: mkaply)
References
Details
Attachments
(1 file)
The ImportEnterpriseRoots does not work as expected. According to the documentation both true and false values are allowed: https://github.com/mozilla/policy-templates#certificates But it doesn't matter if you set ImportEnterpriseRoots to true or false. In both cases Firefox locks the pereference security.enterprise_roots.enabled to true. Maybe it's not intended to set the value to false. I looked at the code and the code doesn't handle different values, it always set security.enterprise_roots.enabled to true when the ImportEnterpriseRoots policy is used. In this case the documentation is wrong. But I guess it makes sense to allow both values, as documented, to lock the setting. First reported here: https://github.com/cadeyrn/enterprise-policy-generator/issues/46
Reporter | ||
Updated•6 years ago
|
Summary: ImportEnterpriseRoots policy is broken → "ImportEnterpriseRoots": false does not work
Reporter | ||
Comment 1•6 years ago
|
||
Hi Mike, even if you will fix the implementation or the documentation at a later point, could you please at least clarify whether the implementation or the documentation is wrong? Because if it's work as intended and only the documentation is wrong then I have to change the option in the Enterprise Policy Generator add-on and I have to make sure that there are no migrations problems with already saved configurations. It would be a help for me to know if I have to schedule time for this. Thank you!
Flags: needinfo?(mozilla)
Assignee | ||
Comment 2•6 years ago
|
||
I'm definitely planning to fix this in the code, but it was written to spec originally. I've updated the documentation.
Assignee: nobody → mozilla
Status: NEW → ASSIGNED
Flags: needinfo?(mozilla)
Assignee | ||
Comment 3•6 years ago
|
||
Assignee | ||
Updated•6 years ago
|
Priority: -- → P1
Pushed by mozilla@kaply.com: https://hg.mozilla.org/integration/autoland/rev/4e4d1fe0d17e Allow true and false for ImportEnterpriseRoots policy. r=Felipe
Comment 5•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/4e4d1fe0d17e
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox64:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 64
You need to log in
before you can comment on or make changes to this bug.
Description
•