476758 - The self-signed certificate alert that would not die

Status: RESOLVED FIXED

(Cloud Services :: General, defect, P1)

Description

[Jono Xia]

When trying to sync up a (desktop Firefox 3.1) profile to Weave, I got an alert box warning me of a self-signed certificate.

(I think the actual problem is that while the certificate for https://services.mozilla.com is actually valid, I had some resources on there which still had pointers to the old test server, which was self-signed.)

Clicking "cancel" dismisses the alert box but then it immediately comes up again.  The other option lets me inspect the certificate, but there's no way to either accept the certificate or to cancel the sync, so I'm stuck with the alert box.

It's not actually an infinite loop -- just a very large number (once for each request to the server that needs to be made during the sync.)

Workaround: force-quit firefix, wiped all my stuff off the server, started again.

Comment 1

[Dan Mills [:thunder]]

That got introduced with the switch to nsIChannel.  We no longer use the mozBackgroundRequest flag that makes invalid certs just fail.  We used to set up nsIPrompt magic to fail (before the background request flag existed), maybe we can use that again?  If so, we should just be able to fish it out of the hg log.

Comment 2

[Anant Narayanan [:anant]]

Fixed in http://hg.mozilla.org/labs/weave/rev/25f2ddbb2aa0

Requests to servers with invalid HTTPS certificates will just fail (with a log message). We should probably think of hooking this into the weave notification system to inform the user, at some point.