Open Bug 543980 Opened 15 years ago Updated 2 years ago

Cannot receive certificate from self-signed certification authority

Categories

(MailNews Core :: Security: S/MIME, defect)

Product:
MailNews Core
Component:
Security: S/MIME
Type:
defect

Tracking

(Not tracked)

Status:
UNCONFIRMED

People

(Reporter: me, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729) I am an administrator of a self-signed certification authority (www.pki.auth.gr - Aristotle University of Thessaloniki Public Key Infrastructure). Some of our users receive the message: This certificate can't be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have expired or been revoked, or the certificate might not have been approved. when they try to receive a certificate after requesting it and the certificate is installed at the other people section instead of the personal certificates. The certificate of the CA is already installed in the Software Security Device and at the trust settings everything is checked so the CA can be used to identify web sites, mail users and software makers. The CA chain is the following: HARICA(Hellenic Academic and Research Institutions Certification Authority) -> Auth Central(Our central CA) -> Auth Users (The CA that issues certificates for all users). I have tried both putting all the certificates inside the Software Security Device and only the RootCA (HARICA) certificate but I still have the same problem. When I try at another Firefox or using another profile everything is ok, the problem appears randomly at some profiles only. I have tried creating the certificate using IE, exporting it at a file using the pkcs12 format and importing it to Firefox and everything is fine. I have also tried creating a new certificate database using certutil and I still have the same problem. Reproducible: Sometimes Steps to Reproduce: 1. Install the CA certificate from http://www.pki.auth.gr/trust.php 2. Request a certificate (Requires an account at the Aristotle University of Thessaloniki network) 3. After the certificate is issued, receive it. Actual Results: Received the message This certificate can't be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have expired or been revoked, or the certificate might not have been approved. and the certificate was installed at the other people certificate section. Expected Results: The certificate should be installed at the personal certificates.
Mass change owner of unconfirmed "Core:Security UI/PSM/SMime" bugs to nobody. Search for kaie-20100607-unconfirmed-nobody
Assignee: kaie → nobody
Product: Core → MailNews Core
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.