Closed Bug 400608 Opened 16 years ago Closed 16 years ago

FF3 should have a easy way to bypass/add to exceptions SSL blocked sites (ie. local/self signed certificates or expired)


(Firefox :: Security, defect)

Not set





(Reporter: higuita, Unassigned)




User-Agent:       Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9a9pre) Gecko/2007101704 Minefield/3.0a9pre
Build Identifier: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9a9pre) Gecko/2007101704 Minefield/3.0a9pre

FF3 blocks the access to sites with local/self signed certificates or expired certificates  ( see bug #399324 )

There are MANY sites with this kind of locally signed certificates, most of then internal or test sites
Expired sites are more seen in production enviorments

Both need to be added to the exception list to keep working.

right now, people is blocked from accessing the site if they are using FF3. Most of people dont know that they can add the url to a exception list, so FF3 really breaks the site for those users.

to keep those local/self-signed + expired sites working like in all other browsers, the error page should have a link to allow the user to add that site to the exception list

FF3 should have a easy way to bypass/add to exceptions SSL blocked sites

Reproducible: Always

Steps to Reproduce:
1.go to a self-signed site with FF2, IE6 or IE7, it gives the warning, but you can open the site the same thing with FF3, a waning shows up, but you cant access the site
3.users dont know about the exception list, its access is too hidden, so they cant enter the site, even if the day before it worked (expired certificates)
Actual Results:  
you cant access the site

Expected Results:  
keep the warning, allow a easy access to the exception list, so the user can regain access to the site
Probably a dupe of bug 398718, but that depends on how easy they make it to add the exception. A textual explanation is probably not what you want.
Or Bug 399275 but that would require adding about:config pref first.
bug 398718 is about the message, this is about users are unable to access the page from one day to another (expired certs) or test/use internal sites, where they dont have access to the root CA. The exception entry in the certs admin pages is to hidden to be usable

Bug 399275 seems that is already sort of fixed with the exception list, but to get there/find is very hard, even for tech guys

i dont want the old method, but i dont want also the current one... menus inside of menus inside of menus seems like the outlook config menus hell
Ever confirmed: true
Closed: 16 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.