Open Bug 454782 Opened 16 years ago Updated 5 months ago

deleted certificates reappear in the certificate manager before restarting Firefox

Categories

(Core :: Security: PSM, defect, P3)

Product:
Core
Component:
Security: PSM
Platform:
x86
Windows XP
Type:
defect

Tracking

()

People

(Reporter: asle, Unassigned)

References

Details

(Whiteboard: [psm-certmanager][psm-backlog])

Attachments

(1 file)

certmanager.png
90.56 KB, image/png
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 When I delete user certificates they are restored restarting firefox. The deleted certificates are removed from certificates list but are still available for use and are restored as described above after restart. Reproducible: Always Steps to Reproduce: 1.install client certificate 2.delete client certificate 3.restart firefox Actual Results: Certificates are still present Expected Results: Certificates are permanently deleted
Moving to the bug component that tracks issues with certificates. Are these being installed from a hardware device like a token or a smart card, or purely in software?
Assignee: nobody → kaie
Component: Security → Security: PSM
Product: Firefox → Core
QA Contact: firefox → psm
(In reply to comment #1) > Moving to the bug component that tracks issues with certificates. Are these > being installed from a hardware device like a token or a smart card, or purely > in software? Purely software. One of the certificates are a test certificates which can be downloaded from the following url https://test.pid.certifikat.dk/pidxml/ Bruger 1 certificate is a revoked certificate. Bruger 2 is a valid certificate
Sounds like bug 345934. Additionally connecting to the site produces Error code: ssl_error_handshake_failure_alert.
Mass change owner of unconfirmed "Core:Security UI/PSM/SMime" bugs to nobody. Search for kaie-20100607-unconfirmed-nobody
Assignee: kaie → nobody
I am experiencing same problem in Firefox 26.0; I have lots of testing certificates installed into the browser via an HTML5 keygen element, in the Software Security Device. When I choose to delete one from the Certificate Manager, it's removed from the list, but the next time I open the Manager again, all the certs I just deleted re-appear there. Firefox 26.0 on Arch Linux amd64, NSS version 3.15.3.1. I also have an "Estonian ID Card" security device installed (opensc-pkcs11.so from opensc 0.13.0, pcsclite daemon 1.8.10). But note that the certs I'm trying to delete are from the Software Security Device (NSS Internal PKCS #11 Module)
Attached image certmanager.png
Marti, are the certificates still there after you restart Firefox?
Flags: needinfo?(marti)
You're right, the certificate actually disappears after a browser restart. I guess I didn't notice before. But if I don't restart, I can still reproduce this on Firefox 45.0.1.
Flags: needinfo?(marti)
This appears to be a flaw in the certificate manager. It shouldn't show certificates that have been marked for deletion.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Cannot delete user Certificates → deleted certificates reappear in the certificate manager before restarting Firefox
Whiteboard: [psm-certmanager]
See Also: → 1267861
Whiteboard: [psm-certmanager] → [psm-certmanager][psm-backlog]
Priority: -- → P3

I confirm this bug. Deleted personal certificates still there after restarting Firefox.

(In reply to Rafael Muñoz from comment #10)

I confirm this bug. Deleted personal certificates still there after restarting Firefox.

¡Hola Rafael!

Could you please confirm if this bug still reproduces on Firefox Beta, Developer and Nightly available at https://www.mozilla.org/firefox/channel/desktop/ ?

¡Gracias!
Alex

Flags: needinfo?(rmunozrodriguez)

(In reply to alex_mayorga from comment #11)

(In reply to Rafael Muñoz from comment #10)

I confirm this bug. Deleted personal certificates still there after restarting Firefox.

¡Hola Rafael!

Could you please confirm if this bug still reproduces on Firefox Beta, Developer and Nightly available at https://www.mozilla.org/firefox/channel/desktop/ ?

¡Gracias!
Alex

Yes, still happening on Firefox Nightly 68.0a1

Saludos

Flags: needinfo?(rmunozrodriguez)

It looks like the title of this ticket does not match the description. The title talks about "reappearing before restarting Firefox". Which indeed would be a duplicate of https://bugzilla.mozilla.org/show_bug.cgi?id=1593497. But the description is talking about a different problem: certificates are also present after restarting Firefox.

I can reproduce this issue as well. If I delete a certificate, it gets removed from the Certificate Manager. If I re-open the Manager in the next few seconds (exact time varies, from 5 to 15 seconds or so), the certificate is still there. If, however, I wait 5-15 seconds, the certificate is gone. If Firefox is restarted during the 5-15 seconds waiting time - certificate is still there on the next start (and stays there forever, unless you remove it again).

This issue is still reproducible on the latest Firefox Nightly 96.0a1 version, updating severity to match current ranking.

Severity: major → S3

Same problem here. I have deleted (expired) certificates in the past and they did not reappear. However, I have currently two certificates I am not using any more and there's no way to have them deleted permanently. They reappear as soon as I reopen the Certificate Manager. They remain there also after restarting Firefox. And contrary to what Mikhail reports, this is so independently of the time I wait after deletion. They are simply not deleted. I am currently using FF 96.0.3 (64-bit).

HEllo, I have the same problem with 98.0.2. I've tried everything I found ( restart delete cert9.db clear all ...) but it does not work. It is really impossible to continue using firefox in these condition I cannot do anything anymore! Please help me found a way to overcome this bug!

(In reply to pesiho from comment #17)

It is really impossible to continue using firefox in these condition I cannot do anything anymore!

Can you help me understand how this issue is preventing you from using Firefox?
Also, what "Security Device" is the certificate you're trying to delete listed as? (see bug 1601787)

Flags: needinfo?(pesiho)

Hi Dana,
A large part of my activities requires to access pages accessible with a x509 certificate from a rather large chain and CA ...
For french, it is the french CA "MENESR".
Since my previous certificate is expired and firefox only propose this expired certificate (not the newly issued) when I access any of these pages, i just cannot access the page. Hence cannot use firefox.
The security device is OS ClientCert Token (Modern). Though I don't see how that would have anything to do with my problem; it is rather strange one cannot delete an expired certificate to be able to use the not-expired one...
I'm on a windows 10 ( or 8).
I try uninstalled and clean firefox and mozilla 's directories (in AppData/Roaming). And reinstall. The certificate is still there :-o !
There must be another place where it is stored: where could it be ?? (aka cert9.db or another file ?)
Thanks for anyhelp ...

Flags: needinfo?(pesiho)

That certificate is managed by Windows, not Firefox. You have to use the Windows Certificate Manager to remove it.

(In reply to Dana Keeler (she/her) (use needinfo) [:keeler] from comment #20)

That certificate is managed by Windows, not Firefox. You have to use the Windows Certificate Manager to remove it.

I have this issue right now, however the certificates are "OS Client Cert Token", but nowhere to be found in Windows' cert manager.

I have removed cert9db, but they always keep reappearing. It's not clear where Firefox got the certificates from, which would make the process of removing them easier.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: