SSL Certs cannot have an exception added on localhost

RESOLVED DUPLICATE of bug 435558

Status

()

RESOLVED DUPLICATE of bug 435558
11 years ago
11 years ago

People

(Reporter: deanx, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

11 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-GB; rv:1.9) Gecko/2008051202 Firefox/3.0
Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-GB; rv:1.9) Gecko/2008051202 Firefox/3.0

When a https server is visited on localhost then FF will not allow a certificate exception to be added. If the same site is visited via 127.0.0.1 then things work as they should.

I get the following alert message:

Alert

login.yahoo.com:443 uses an invalid security certificate.

The certificate is not trusted because it is self signed.
The certificate is only valid for <a id="cert_domain_link"
title="PortSwigger">PortSwigger</a>.

(Error code: sec_error_untrusted_issuer)

Then I click ok and I am on a blank page rather than the exception creation
error page. If I try to add an exception manually through the encryption tab in
advanced I get the same error message when I click the "Get Certificate"
followed by the "Unable to obtain identification status for the given site".




Reproducible: Always

Steps to Reproduce:
1. Set up a SSL webserver on the local machine with a self signed cert
2. Visit the site with https://localhost
3. Try again with https://127.0.0.1 to see correct response
Actual Results:  
Get Alert error message then a blank page




Expected Results:  
Get and invalid SSL cert error page with the ability to add an exception

I have confirmed that this is not the case under windows and all works fine there. I have seen the same problem on another OSX machine but have not had chance to look at a linux build.

Before managing to isolate the problem I reported this bug 437990 which is a symptom of the same problem
(Reporter)

Updated

11 years ago
Duplicate of this bug: 437990
I would say it is probably a duplicate of bug 435558.

Deanx does the problem goes away if you set network.dns.disableIPv6 to true? If so, it is definitively a duplicate of that one
(Reporter)

Comment 3

11 years ago
I can confirm this solves the problem so is a duplicate of this bug.

Sorry bout that my bad.

(Reporter)

Updated

11 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 435558
You need to log in before you can comment on or make changes to this bug.