Add ability to choose client certs

RESOLVED DUPLICATE of bug 845375

Status

()

RESOLVED DUPLICATE of bug 845375
10 years ago
2 years ago

People

(Reporter: madhava, Unassigned)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(fennec1.0-)

Details

Attachments

(1 attachment)

(Reporter)

Description

10 years ago
See here for a mockup/wireframe:

https://wiki.mozilla.org/Mobile/UI/Designs/TouchScreen/workingUI#Client_Certificates

Especially for users in Europe, we should provide a mechanism so that users can choose a client-side certificate when prompted for identification by a website.
Flags: wanted-fennec1.0?
(Reporter)

Updated

10 years ago
tracking-fennec: --- → ?

Updated

10 years ago
tracking-fennec: ? → 1.0-
Flags: wanted-fennec1.0? → wanted-fennec1.0+
Duplicate of this bug: 461789
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 436076
verified as duplicate
Status: RESOLVED → VERIFIED
Client-certificates were not addressed by the resolution of bug 436076.  Reopening this bug to track client-side certificate UI.
Status: VERIFIED → REOPENED
Resolution: DUPLICATE → ---

Comment 5

7 years ago
with recent comments on the internet about how Android users are stuck with the recently revoked Diginotar certs for some time (i've read that only an OTA can update the cert store for the stock Android), it might be worth taking another look at implementing this ?

Comment 6

7 years ago
(In reply to Ian Melven :imelven from comment #5)
> with recent comments on the internet about how Android users are stuck with
> the recently revoked Diginotar certs for some time (i've read that only an
> OTA can update the cert store for the stock Android), it might be worth
> taking another look at implementing this ?

oops, never mind this is about client certs - ignore that !

(i still think client certs in Fennec would be a cool feature though.. )
(Reporter)

Updated

6 years ago
Component: General → General
Flags: wanted-fennec1.0+
Product: Fennec → Firefox for Android
I really needed this functionality so I looked around for workarounds. I found this [1] thread on the support forum. There are two solutions listed, one involving an extension (outdated) and one involving modifying cert9.db and key4.db on the desktop.

I tried the second solution and Firefox started to present the cert chooser from desktop Firefox. I am unable to press the OK button there, but after setting "security.default_personal_cert" to "Select Automatically" in about:config it just selects the cert without asking. Hope this information is useful for other users.

It would still be great to have this functionality supported out of the box. In the meanwhile, having a Android binary of p12util would be useful. Can it be compiled on Android/ARM?

[1] https://support.mozilla.org/en-US/questions/786035?s=certificate&as=s
Created attachment 725758 [details]
Screenshot of current (desktop) cert selection on Android

Comment 9

6 years ago
bug 845375 addresses the issue of being unable to press the OK button. It has been committed and I would guess it should be available in nighties. Not sure when it would hit aurora, beta etc. 

This modified version of the cert manager plugin allows you to install a p12 client cert file:- https://dl.dropbox.com/u/284659/cert-manager.xpi

I would be interested in getting involved in helping sort out proper support for managing client certs.
Duplicate of this bug: 939503

Comment 11

2 years ago
Bug 845375 added native, working UI that fixes what this bug was originally filed for (selecting client certs).

Importing client certs I believe can be done through add-ons (AddCertificate etc).
The bug for adding built in UI for importing client certs is Bug 868370.
Status: REOPENED → RESOLVED
Last Resolved: 9 years ago2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 845375

Comment 12

2 years ago
There is no add-on that will allow importing certificates for recent versions of Fennec (> 13, we are right in the 50 range), so we are still unable to use certificates in mobile Firefox :(
You need to log in before you can comment on or make changes to this bug.