Closed Bug 426603 Opened 17 years ago Closed 17 years ago

Firefox 3 gives sec_error_inadequate_key_usage when navigating to a site with a self signed certificate

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Platform:
x86
Windows Vista
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 424077

People

(Reporter: rpaplin, Unassigned)

Details

Attachments

(5 files, 1 obsolete file)

Firefox 3 not letting me navigate to a site with a self-signed certificate
23.32 KB, image/jpeg
Details
What Safari does in this scenario
14.11 KB, image/png
Details
What MSIE does in this scenario (before navigation)
29.00 KB, image/png
Details
What MSIE does in this scenario (after navigation)
24.52 KB, image/png
Details
Firefox 2 letting me navigate to a site with a self-signed certificate
6.02 KB, image/png
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9b4) Gecko/2008030714 Firefox/3.0b4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9b4) Gecko/2008030714 Firefox/3.0b4 Firefox 3.0 does not let the user navigate to or browse a site with a self signed certificate (or a certificate from an untrusted root certificate authority). This bug appears to be web server agnostic based the following forum posts http://groups.google.com/group/mozilla.feedback.firefox.prerelease/browse_thread/thread/885b8914a0cc9e80/dee1896b6487e24a http://forums.mozillazine.org/viewtopic.php?p=3214810&sid=83ec36b154173a769dcf000463a6b153 Reproducible: Always Steps to Reproduce: 1. Create a web site on a server running IIS 7 2. Create a certificate (signed by yourself or some other non trusted root CA) 3. Apply the self signed certificate to the site (require 128-bit SSL) 4. Navigate to the site w/ Firefox 3.0 Beta 4 Actual Results: Firefox renders the following error page with a Try Again button... Secure Connection Failed An error occurred during a connection to "server name". Certificate key usage inadequate for attempted operation. (Error code: sec_error_inadequate_key_usage) The page you are trying to view can not be shown because the authenticity of the received data could not be verified. * Please contact the web site owners to inform them of this problem. If you press Try Again, you get the error page again and are unable to visit the site. Expected Results: In Firefox 2.0, it will bring a up a dialog informing you that you are navigating to a site sign by an unknown certifying authority. It will give you the option to “Accept the certificate permanently”, “Accept the certificate temporarily for this session”, and “Do not accept the certificate and do not connect to this web site”. Safari 3.1 beings up a similar dialog and gives the user the option to continue, despite the fact the website was signed by an unknown certifying authority. Internet Explorer 7.0 will typically navigate to page informing you that the site was not issued by a trusted certificate authority. If you choose to navigate to the site, IE colors the address bar red and indicates that certificate was not issued by a trusted certificate authority. In any case, the browser should give the user the ability to proceed to untrusted site after some sort of warning. Self signed certs are fairly common in web application development scenarios.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: