Closed
Bug 178031
Opened 22 years ago
Closed 22 years ago
Mail is unable to accept site certificate permanently
Categories
(Core Graveyard :: Security: UI, defect, P3)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 175225
People
(Reporter: gilead, Assigned: ssaux)
References
()
Details
(Whiteboard: dupeme)
I use SSL to connect to two sites on which I have POP3 mail accounts. Mozilla refuses to accept their certificates when asked to do so permanently (ie. after choosing 'accept certificate permanently' it displays the same popup window again). Accepting certificate for single session works well. This bug is present in Mozilla for as long as I can remember but I decided to fill this bug report after seeing nicely redesigned popup window in build 2002110108 asking for certificate acceptance. This means someone is working on it but this bug is still there. Big thanks to entire Mozilla team for awesome work! Max
Comment 1•22 years ago
|
||
-> PSM
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: MailNews → PSM
Version: other → unspecified
Updated•22 years ago
|
OS: Linux → All
Priority: -- → P3
Hardware: PC → All
Whiteboard: dupeme
Version: unspecified → 2.4
Comment 2•22 years ago
|
||
Reporter, do you have FIPS enabled? Edit>Prefs>Privacy>Certificates>Manage security devices. If so, try disabling it. Bug 150697 Also, check to see if you have a master password setup. Edit>Prefs>Privacy>Master Passwords>Change Password. If you don't have a password setup, create one and try the saving the cert from the mail account again. If neither of the above work, then if possible, can you send the name of the pop server in case there is a problem with the server's certificate?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Reporter | ||
Comment 3•22 years ago
|
||
FIPS was disabled, there were no master password. I tried enabling FIPS which made things only worse (Could not establish an encrypted connection because certificate presented by [mail server address here] is invalid or corrupted. Error Code: -8182). Disabling it again restored the previous state. Setting master password didn't change anything. Mail servers I'm using are: mail.linart.krakow.pl and yellow.dyndns.org. If you need more data please ask.
Comment 4•22 years ago
|
||
mail.linart.krakow.pl and yellow.dyndns.org both have the same issuer and issuee data, and a serial number of 00, and probably were issued by plesk.com. Marking dupe of bug 175225, which is a regression and nsbeta1+. *** This bug has been marked as a duplicate of 175225 ***
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Comment 5•22 years ago
|
||
Verified duplicate. What I'm finding is that this type of cert (matching issuer and issuee and serial number 00) is just like the self-signed cert I created on my Apache server on Redhat 7.2. There must be a lot of this type of cert out there.
Status: RESOLVED → VERIFIED
Reporter | ||
Comment 6•22 years ago
|
||
There is no specific certificate issued by anyone at my server (I'm owner of yellow.dyndns.org) and I don't want to have one (or at least don't want to bother with it right now). I strongly believe that Mozilla should remember ANY certificate the server presents to it and notify user that such certificate is not valid. Or let someone invent better solution but please remove this annoying popup - I just want to receive my email. Regards, Max
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•