Closed Bug 1515608 Opened 6 years ago Closed 6 years ago

consider allowing end-entities to be their own trust anchors (basically revert bug 1294580)

Categories

(Core :: Security: PSM, defect, P1)

Product:
Core
Component:
Security: PSM
Version:
63 Branch
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla68
Tracking Flags:
Tracking Status
firefox68 --- fixed

People

(Reporter: 249.shashi, Assigned: keeler)

References

(Blocks 1 open bug)

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

bug 1515608 - allow end-entity certificates to be trust anchors for compatibility r?jcj
47 bytes, text/x-phabricator-request
Details | Review
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36 Steps to reproduce: 1. Installed localhost certificated and added to trusted list and availabled in Keychains. 2. Tested in Chrome and Safari browsers and these browsers accepting that localhost trusted certificate but it is failing with Mozilla. 3. For this followed about:config and enabled security.enterprise_roots.enabled boolean value to true but this is not working Mac mozilla browser, where as same process working in windows mozilla browser Tested this with Mozilla 63 and latest version 64 also. Actual results: Mozilla browser detecting them as untrusted site. Even though Safari and chrome browsers are accepting that as trusted. Expected results: Localhost trusted certificates available in Mac OS keychains should be accepted by Mozilla browser. And it should not show the site as untrusted.
Component: Untriaged → Security: PSM
Product: Firefox → Core
Blocks: enterprise-roots
Priority: -- → P2
Summary: macOS (Mac OS X) platform support for trusting self signed certificate → consider allowing end-entities to be their own trust anchors (basically revert bug 1294580)
Whiteboard: [psm-backlog]
Assignee: nobody → dkeeler
Priority: P2 → P1
Whiteboard: [psm-backlog] → [psm-assigned]
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/143fe24df3a9 allow end-entity certificates to be trust anchors for compatibility r=jcj

https://hg.mozilla.org/mozilla-central/rev/143fe24df3a9

Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox68: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla68
Blocks: 1541012
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: