Closed
Bug 494174
Opened 15 years ago
Closed 6 years ago
Add Security Exception dialog for self-signed certificates inaccessible
Categories
(Mozilla Labs :: Prism, defect)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: mozilla, Unassigned)
References
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 Prism/1.0b1
When trying to access a secure page with a self-signed certificate I receive the following message (correct behavior):
Secure Connection Failed
--------
ascsqlcscs:2381 uses an invalid security certificate.
The certificate is not trusted because it is self signed.
(Error code: sec_error_ca_cert_invalid)
* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.
* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.
Or you can add an exception…
-------------------
When I click "or you can add an exception" the following text appears (again correct behavior):
You should not add an exception if you are using an internet connection that you do not trust completely or if you are not used to seeing a warning for this server.
[ Get me out of here! ] [ Add exception... ]
--------------------
When I click the "Add Exception..." button I *should* receive a dialog allowing me to view and accept the self-signed certificate, but instead nothing happens at all (it acts as if I never clicked).
Reproducible: Always
Steps to Reproduce:
1. Via Prism, access a page with a link to an SSL page with a self-signed certificate.
2. Click "Or you can add an exception"
3. Click "Add Exception..."
Actual Results:
Nothing at all. Acts as if I never clicked the button.
Expected Results:
"Add Security Exception" dialog should appear.
Summary: Add exception dialog for self-signed certificates inaccessible → Add Security Exception dialog for self-signed certificates inaccessible
|
||
Comment 1•15 years ago
|
||
Exactly the same problem on Linux (Fedora 11 x86_64, running Prism 1.0b1 Linux i686). This is problematic for demos of our products on site without official certificates.
same problem for me - ubuntu 9.04 (jaunty jackalope) and firefox 3.5.1, prism 1.0b1.
Same problem here, really annoying. Makes testing my secure site impossible in Firefox. OSX 10.5.6, Firefox 3.5.1
For what it's worth - I really don't think version 1.0 can be complete without providing some way of handling unverified security certificates. One of the main uses I have for prism is to make webapps for internal pages like our office's Jira server and other pages that don't have a verified cert. It just seems like something glaring when encountering a page like that and the user is unable to do what they do in their normal browser to get to the page.
|
||
Comment 5•15 years ago
|
||
This seems to be a frequent request. Mark, do you have any input on this? Any chance you could tackle it?
|
||
Comment 6•15 years ago
|
||
Is it possible to exchange the cert8.db-File, Prism installs in new profiles' dirs? The current one is about 64kb size, the new one of firefox 3.5 ist about 96kb and contains the root-certificate of our CA. This would make "Add exception" redundant for me.
We have users connected to our web application through Prism to a server using a self-signed certificate, that works fine, no warnings. But we get this error when a user clicks on an https link to a different site but under the same domain. So our web app is at https://webapp.ourdomain.com running in Prism but when a user clicks a link to go to https://otherservice.ourdomain.com then we get this error. But that link should actually open up in a separate Firefox window, not another Prism window. So it could be something to do with opening up a link of a different sub-domain but under the same domain. As surely I should be getting the Firefox certificate warning screen and not one in Prism?
|
|
||
Comment 8•14 years ago
|
||
The second link opens in Prism due to standard application behavior: links in Prism apps open in Prism if they are in the same domain as the main application URL. You should be able to get the link to open in the default browser instead by adding the following line to your webapp.ini: exclude=otherservice.ourdomain.com
(In reply to comment #8) > The second link opens in Prism due to standard application behavior: links in > Prism apps open in Prism if they are in the same domain as the main application > URL. You should be able to get the link to open in the default browser instead > by adding the following line to your webapp.ini: > > exclude=otherservice.ourdomain.com Hi Matthew, many thanks for this reply. That's exactly what the problem was. However is there a way to add a wildcard exclude? I would have thought the most logical behaviour was to have it restricted to same sub.domain opening in the Prism webapp and then override that if needed. If there's no bug then I would consider opening one to get that behaviour changed.
|
|
||
Comment 10•14 years ago
|
||
(In reply to comment #9) > Hi Matthew, many thanks for this reply. That's exactly what the problem was. > However is there a way to add a wildcard exclude? I would have thought the most > logical behaviour was to have it restricted to same sub.domain opening in the > Prism webapp and then override that if needed. If there's no bug then I would > consider opening one to get that behaviour changed. You can use * as a wildcard.
|
||
Comment 11•6 years ago
|
||
Prism isn't maintained anymore. Mass closing of the bugs.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•