Need UI to handle web server certificate problems

RESOLVED DUPLICATE of bug 545556

Status

Cloud Services
Firefox Sync: Backend
RESOLVED DUPLICATE of bug 545556
10 years ago
7 years ago

People

(Reporter: Igor Velkov, Unassigned)

Tracking

({helpwanted, uiwanted})

unspecified
Future
helpwanted, uiwanted
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [wontfix?])

(Reporter)

Description

10 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5pre) Gecko/2008032505 Minefield/3.0b5pre
Build Identifier: 

Need some user interface to warn about SSL problems and handle some of it.
Now there no mechanism to know about bad or changed certificate, no possibility to add to exclusion list self-signed certificate of server.

Reproducible: Always

Comment 1

10 years ago
Targeting for 0.2 (P2).
Unclear what the desired UI for this is.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: helpwanted, uiwanted
OS: Windows XP → All
Priority: -- → P2
Hardware: PC → All
Target Milestone: 0.1 → 0.2

Updated

10 years ago
Blocks: 433899

Comment 2

10 years ago
not going to make 0.2, reassigning to 0.3.  we should document the workaround and include in a release note.
No longer blocks: 433899
Target Milestone: 0.2 → 0.3

Comment 3

10 years ago
I'm not sure if that really should be implemented.

The recommended way to handle this is to create your own CA and sign your certificate with it.  Then important your CA into Firefox (Preferences -> Advanced -> Encryption -> View Certificates -> Authorities -> Import; select the crt file and check "This certificate can identify web sites").  After that Firefox will gladly accept your certificate.

Comment 4

10 years ago
Currently Weave will fail silently if you use your own server with a self-signed cert.  The solutions (either adding an exception for the cert, or adding a CA to Firefox as comment #3 suggests) work fine, but they need to be suggested somewhere.

I would be OK with a minimal solution for this bug (just warning of the problem with some explanation of how to solve it).

Comment 5

10 years ago
If weave is using xmlhttprequests then Fx3 provides a method to ignore SSL certificate errors. 
Fx2 does not, but handles it by some other method.
Wonder if Fx2 would even be target app. when Weave goes 1.0

Comment 6

9 years ago
These bugs need to be triaged, removing 0.3 milestone setting.
Target Milestone: 0.3 → Future

Updated

9 years ago
Component: Weave → General
Product: Mozilla Labs → Weave
QA Contact: weave → general
We are not going to ignore SSL certificate errors silently.  I think that I'm okay with documenting a workaround for people wanting to use a self-signed cert:

Advanced->Encryption->View Certificates->Add Exception

Strongly recommend WONTFIX here, building UI for this case feels like it's a lot of work for a corner case.
Component: General → Sync
QA Contact: general → sync
Whiteboard: [wontfix?]
(Reporter)

Comment 8

9 years ago
Then, at least, add descriptive error message into the log? Makes possible to google wiki page with solution (open url with broswer and add exclusion here will be much more suitable).

Comment 9

9 years ago
In Weave 0.7 & Firefox 3.5 every time after new install I have the problem with certificates.
When syncing weave founds very old certificates (self-signed) that I didn't use anymore, but they show the warning (screenshot http://imagebin.ca/view/FOVDcpvO.html) for each certificate more than one times (the window have only Cancel button, I press it and firefox shows me this message again, very often - 2-50 time per session!!)
And this messages repeats again each session, while I open the site with certificate and correctly confirm firefox security exception.

And, I think, we need a tool to clear old certificates from Weave user database.
Duping forward to Bug 545556, since there's a bunch of different things, and I think that bug sums up the path we want to take here.
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 545556
Removing priority from a duped bug.
Priority: P2 → --
You need to log in before you can comment on or make changes to this bug.