Closed Bug 347184 Opened 16 years ago Closed 14 years ago

Firefox blocks loading of SSL pages that have certificate errors

Categories

(Firefox :: Security, defect)

1.5.0.x Branch
x86
Windows XP
defect
Not set
major

Tracking

()

RESOLVED DUPLICATE of bug 399275

People

(Reporter: kokuryu, Unassigned)

References

()

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5

This bug is easy to duplicate.  Create a website and make a self-signed SSL certificate, or install a temporary certificate.  You will not be able to access it with Firefox.  Firefox is now totally blocking websites with security certificate issues of any sort.  This should NOT be it's normal behavior.  Just because there is a problem with a certificate does not mean that I or others do not want to visit the website.  As a due course, probably about 2/3 of all websites out there have certificate issues of one kind or another.  The proper way to handle this is to ASK THE USE WHAT TO, BUT DO NOT BLOCK ACCESS!!!  Blocking access is a no-no.

Reproducible: Always

Steps to Reproduce:
1. Visit a website that uses a self-signed certificate, has an expired certificate, has a damaged certificate, or some other certificate problem via HTTPS

Actual Results:  
Produces an error message stating a problem with the SSL certificate with an OK button.  Pressing the OK button aborts the loading of the webpage.

Expected Results:  
The error message should have included with it the options to either accept the error permanently for this website, accept it for this session, or block it once. The Security tab also needs to have additional options there so the user can define their SSL experience - to always allow the acceptance of security certificates even if there are errors, to deny certain types of securty certificates based on certain problems, to ask or not to ask what to do, etc.
Severity: critical → blocker
--> Major for now. Please do not set blocker severity yourself. And critical is for crashers and the like.
Severity: blocker → major
Dupe of/related to bug 264780? (Dupechain --> bug 171277 --> bug 114425)
Whiteboard: DUPEME
Version: unspecified → 1.5.0.x Branch
Is there any discussion about this bug for Firefox 3? I find it highly annoying that the browser blocks web pages with SSL errors, and it takes some reading and four clicks to even look at the page, while it only takes one click to bypass warnings and load a phishing/malware site.
This is actually a dup of several other bugs, but bug 399275 comment 51 outlines a variety of options, depending on precisely how easy you want it to be to ignore warnings.
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
Whiteboard: DUPEME
Duplicate of bug: 399275
You need to log in before you can comment on or make changes to this bug.