Closed Bug 1519027 Opened 6 years ago Closed 6 years ago

permanently accept ssl certificate does not show up

Categories

(Core :: Security: PSM, defect)

66 Branch
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 1504483

People

(Reporter: maggus.staab, Unassigned)

Details

Attachments

(1 file)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0

Steps to reproduce:

using FF Nightly when browsing a site with a self-signed certificate does not longer allow me to "permanently accept" the self signed certificate.

browsing the same site with the current stable channgel works as expected

STR

  • open a website which contains a custom cert
  • firefox renders the "this site is insecure message"
  • click the "i know what I am doing, proceed button"

Actual results:

firefox nightly immediately starts to open the page. I need to re-accept the cert after closing and re-opening nightly. I have no way to permanently accept the custom cert.

firefox stable in contrast opens a dialog which shows me the certificate details and allows me to tick a checkbox to "permanently" trust this self signed certificate

Expected results:

nightly should show me the same dialog/options which stable currently provides

Any difference if you try the following?

  1. Type about:support into the address bar.
  2. Click the "Open Folder" button.
  3. Exit Firefox.
  4. In the window that opened earlier, move the xulstore.json somewhere like the desktop.

If there's no difference, you can put the file back while Firefox isn't running. In that case, it would be very helpful if you could find the exact regression range:
https://mozilla.github.io/mozregression/quickstart.html

This looks like a duplicate of bug 1517315, but the reporter there hasn't provided this information, so this would help move things forward.

Component: Untriaged → Security: PSM
Flags: needinfo?(maggus.staab)
Product: Firefox → Core

thanks for your help.

I tried the steps, but it didn't change anything regarding my reported problem.

Flags: needinfo?(maggus.staab)
Attached image bisect-result.png

here we go:

2019-01-10T17:08:09: INFO : Running mozilla-inbound build built on 2018-08-17 14:28:36.595000, revision 4bb194e1
2019-01-10T17:08:11: INFO : Launching c:\Users\mstaab\AppData\Local\Temp\tmpyri8ll\firefox\firefox.exe
2019-01-10T17:08:11: INFO : Application command: c:\Users\mstaab\AppData\Local\Temp\tmpyri8ll\firefox\firefox.exe --wait-for-browser -profile c:\users\mstaab\appdata\local\temp\tmpnlky6c.mozrunner
2019-01-10T17:08:11: INFO : application_buildid: 20180817132639
2019-01-10T17:08:11: INFO : application_changeset: 4bb194e17f26293ae8fed85e65fd56081e944da2
2019-01-10T17:08:11: INFO : application_display_name: Firefox Nightly
2019-01-10T17:08:11: INFO : application_id: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
2019-01-10T17:08:11: INFO : application_name: Firefox
2019-01-10T17:08:11: INFO : application_remotingname: firefox
2019-01-10T17:08:11: INFO : application_repository: https://hg.mozilla.org/integration/mozilla-inbound
2019-01-10T17:08:11: INFO : application_vendor: Mozilla
2019-01-10T17:08:11: INFO : application_version: 63.0a1
2019-01-10T17:08:11: INFO : platform_buildid: 20180817132639
2019-01-10T17:08:11: INFO : platform_changeset: 4bb194e17f26293ae8fed85e65fd56081e944da2
2019-01-10T17:08:11: INFO : platform_repository: https://hg.mozilla.org/integration/mozilla-inbound
2019-01-10T17:08:11: INFO : platform_version: 63.0a1
2019-01-10T17:08:22: INFO : [Child 8772, Chrome_ChildThread] WARNING: pipe error: 109: file z:/build/build/src/ipc/chromium/src/chrome/common/ipc_channel_win.cc, line 346
2019-01-10T17:08:22: INFO : [Child 10712, Chrome_ChildThread] WARNING: pipe error: 109: file z:/build/build/src/ipc/chromium/src/chrome/common/ipc_channel_win.cc, line 346
2019-01-10T17:08:22: INFO : [Child 10712, Chrome_ChildThread] WARNING: pipe error: 109: file z:/build/build/src/ipc/chromium/src/chrome/common/ipc_channel_win.cc, line 346
2019-01-10T17:08:22: INFO : [Parent 13736, Gecko_IOThread] WARNING: pipe error: 109: file z:/build/build/src/ipc/chromium/src/chrome/common/ipc_channel_win.cc, line 346
2019-01-10T17:08:22: INFO : [GPU 7936, Chrome_ChildThread] W
2019-01-10T17:08:22: INFO : ###!!! [Child][MessageChannel::SendAndWait] Error: Channel error: cannot send/recv
2019-01-10T17:08:22: INFO :
2019-01-10T17:08:24: INFO : Narrowed inbound regression window from [62d4efbe, d9466b48] (3 builds) to [62d4efbe, 4bb194e1] (2 builds) (~1 steps left)
2019-01-10T17:08:24: DEBUG : Starting merge handling...
2019-01-10T17:08:24: DEBUG : Using url: https://hg.mozilla.org/integration/mozilla-inbound/json-pushes?changeset=4bb194e17f26293ae8fed85e65fd56081e944da2&full=1
2019-01-10T17:08:25: DEBUG : Found commit message:
Bug 1474820 - Add the 'Accept the Risk and Add Exception' Button to the new certificate error pages r=johannh

2019-01-10T17:08:25: DEBUG : Did not find a branch, checking all integration branches
2019-01-10T17:08:25: INFO : The bisection is done.
2019-01-10T17:08:25: INFO : Stopped

This is how Firefox handles certificate error exceptions now. See bug 1504483 for making this more clear. See also bug 1492498 for maybe making this more nuanced.

Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE

Sorry, I need to ask once more:

In Nightly there is no longer the feature to permanently store a self-signed certificate?

Flags: needinfo?(dkeeler)

For now you can set the about:config preference "browser.security.newcerterrorpage.enabled" to false or use the certificate manager (about:preferences -> search for "certificates" -> "View Certificates" -> "Servers" -> "Add Exception").

Flags: needinfo?(dkeeler)

I am no longer able to disable the "newcerterrorpage" using "browser.security.newcerterrorpage.enabled"-pref and therefore no longer have a way to allow permanently accept a self-signed certificate?

Flags: needinfo?(dkeeler)

(in todays nightly)

(In reply to Dana Keeler (she/her) (use needinfo) (:keeler for reviews) from comment #7)

For now you can set the about:config preference "browser.security.newcerterrorpage.enabled" to false or use the certificate manager (about:preferences -> search for "certificates" -> "View Certificates" -> "Servers" -> "Add Exception").

Flags: needinfo?(dkeeler)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: