about:certificate viewer does not show the cert chain when intermediate cert is expired
Categories
(Firefox :: Security, enhancement)
Tracking
()
People
(Reporter: diddledang, Unassigned)
References
(Blocks 1 open bug)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Steps to reproduce:
Yesterday I was playing around with certificates chains and so I tried to create an intermediate certificate that expires before an issued web server certificate does. E.g. cert (expires in):
root (10 years) > intermediate (1 day) > webserver (1 year)
Actual results:
Yesterday when the intermediate certificate was valid, Firefox shows up the webserver and the intermediate certificate like this: about:certificate?cert=...&cert=...
Today when the intermediate cert is expired, Firefox shows up a correct SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE warning and only the valid webserver certificate like this: about:certificate?cert=...
Expected results:
The problem is, that you get a correct warning, but you don't see the expired intermediate certificate, but only the valid Web Server certificate in the viewer.
![]() |
||
Updated•2 years ago
|
Reporter | ||
Comment 1•2 years ago
|
||
Firefox Version: 88.0.1 (64-Bit)
Comment 2•2 years ago
|
||
This seems like a great enhancement, I will mark it as NEW and maybe one of our developers can take a look at this.
Updated•2 years ago
|
Description
•