Closed Bug 455460 Opened 17 years ago Closed 17 years ago

invalid security certificate.

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: nielsraes, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 zulu.ssc.nasa.gov uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer) Is there any reason for this error? IE could access without problems )-; Reproducible: Always Steps to Reproduce: 1. Goto https://zulu.ssc.nasa.gov/mrsid/ 2. 3. Actual Results: zulu.ssc.nasa.gov uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer) Expected Results: Access website IE could open page.
Self-signed security certificates are not accepted anymore by default (but you can accept then as an exception), because they pose a security risk. But you can always add an exception, which allows you to bypass the warning. Note : in Internet Explorer you also get an warning ("the security certificate was issued by a company you have chosen not to trust..."), and you have to chose whether you accept it or not. Do you always click on 'Yes' without reading ? (default is 'No' !) see <http://www.gerv.net/security/self-signed-certs/>
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → WORKSFORME
Cert was issued by the U.S. Government which makes this bug fall under the case described in bug 208323. The U.S. Government would need to apply to be a cert authority and pass the audits as described in http://www.mozilla.org/projects/security/certs/policy/.
Status: RESOLVED → UNCONFIRMED
Resolution: WORKSFORME → ---
(In reply to comment #2) > Cert was issued by the U.S. Government which makes this bug fall under the case > described in bug 208323. The U.S. Government would need to apply to be a cert > authority and pass the audits as described in > http://www.mozilla.org/projects/security/certs/policy/. That is true, or the user could import the CA, or add an explicit exception for the site - but why did you unresolve the bug? There is no code change we're likely to make in response to this specific issue, and the general question of including the DoD root in our store is really a separate bug, if it were to be revisited.
see bug 208323 for another DoD certificate that wasn't included in Mozilla's list
You get an error page that includes an "add an exception..." link, right?
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago17 years ago
Resolution: --- → INVALID
Just to clarify I did not realize I had changed the status until a few minuets after I left the comment. Jo had already switched back the status.
You need to log in before you can comment on or make changes to this bug.