Connecting to a site whose SSL cert is revoked

RESOLVED INVALID

Status

P2
major
RESOLVED INVALID
16 years ago
2 years ago

People

(Reporter: webmaster, Unassigned)

Tracking

1.0 Branch

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: testcase needed, URL)

(Reporter)

Description

16 years ago
User-Agent:       Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2b) Gecko/20021016

On clicking OK to continue (in this case it was an Linux server admin page) 
does nothing (won't connect) have to cancel and use MSIE etc.

Reproducible: Always

Steps to Reproduce:
1.
2.
3.
example URL ?

-> PSM
Assignee: asa → ssaux
Component: Browser-General → Client Library
Product: Browser → PSM
QA Contact: asa → junruh
Version: Trunk → unspecified

Comment 2

16 years ago
*** Bug 98211 has been marked as a duplicate of this bug. ***

Updated

16 years ago
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows 2000 → All
Priority: -- → P2
Hardware: PC → All
Whiteboard: testcase needed
Version: unspecified → 2.4
The https server residential.qwest.com appears to me to be using a revoked cert.  
When OCSP is enabled, or when you have imported Verisign's CRL from the URL
  http://crl.verisign.com/RSASecureServer.crl
and you then visit 
  https://residential.qwest.com/flibberty.gibbet
you get a dialog that says
 "Could not establish an encrypted connection because certificate presented by
  residential.qwest.com has been revoked."
The dialog has only one button, which says "OK".  Clicking it does not 
override the cert revocation, but rather cancels the attempt to fetch the URL.  

However, when no CRL for verisign is loaded, and OCSP is disabled, the url
cited above returns a page-not-found error.  The SSL connection is unhindered
in that case.  

I think the submittor of this bug is complaining that he cannot override 
the cert revocation and visit the web site anyway.  If that is indeed the 
complaint, then this bug should be resolved invalid, because mozilla can be
configured to disable configuration checking, although we do not recommend 
this for the average user.

Submittor, is that the essence of your complaint?

Comment 4

15 years ago
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody

Updated

14 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

13 years ago
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → INVALID

Updated

11 years ago
Version: psm2.4 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.