Closed Bug 150697 Opened 23 years ago Closed 22 years ago

FIPS: Cannot remember cert at mismanaged web site.

Categories

(Core Graveyard :: Security: UI, defect, P3)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED WORKSFORME
Milestone:
psm2.4

People

(Reporter: junruh, Assigned: KaiE)

References

(
URL
)

Details

(Keywords: regression)

Enable FIPS, create a master password, and then logout. 1.) Visit the above in-house untrusted CA site. 2.) Put a check in "Remember this certificate permanently" and click continue. What happens: I am asked to repeat step 2 continuously, and cannot reach the site unless I choose not to remember the certificate.
Blocks: fips
Marking works for me. Now I am asked to log in to the master password, and can reach the site.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
Verified.
Status: RESOLVED → VERIFIED
Reopening. This is happening again.
Status: VERIFIED → REOPENED
Resolution: WORKSFORME → ---
*** Bug 165920 has been marked as a duplicate of this bug. ***
I see the same happening, but ONLY in linux, not in win2k. What could be the difference? One thing I have as a difference is that in win2k I have a blank FIPS passwd and in linux I have a valid passwd. Apparently the site does not exist any more, I have one set up at https:80.196.18.152/Demo-dir:443 You can try this if you want. All other browsers tested (IE5.00 and Netscape 4.79.) work fine with this once I accept the cert. as valid.
Sten, please use the latest nightly builds. You can no longer have a blank FIPS password with a new build.
URL: https://pki.mcom.com:5002https://80.196.18.152/
Keywords: nsbeta1, regression
Priority: -- → P3
Version: 2.3 → 2.4
Just one comment: I switched to 2002090608, I still have a blank password. It just takes over whatever was there and does not require me to change passwd. FIPS-mode and non-FIPS-mode is not very clear, it's only reflected in "change master passwd". Mr. whoever is certainly going to loose himself in this, if there is not a lot more clarity about it in every menu where it makes a difference. I could not switch back to a blank passwd, so that seems to work anyway. All this is on win2k, linux comments will follow.
Sten: The new build only forces you to have a password when you switch to FIPS. There is no such check when you have already FIPS mode enabled. When you use FIPS without a master password set, you are operating out of specification. It was a bug that we allowed you to go without a password in FIPS mode in the past. Please set your password, and don't report bugs on misbehaviour while you have no password set in FIPS mode. Thanks :)
Linux now tried, results same: asks for me to believe the cert, when I try to say yes, please keep it and trust it, I get the same question over and over. From my point of view, all works as it is origanlly described in this bug. ALL passwords are now valid.
Keywords: nsbeta1nsbeta1+
Works for me with the Nov 4, 2002 win2000 and Linux commercial trunk builds.
Status: REOPENED → RESOLVED
Closed: 23 years ago22 years ago
OS: Windows 2000 → All
Hardware: PC → All
Resolution: --- → WORKSFORME
Target Milestone: --- → 2.4
V
Status: RESOLVED → VERIFIED
Product: PSM → Core
Version: psm2.4 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.