Closed Bug 603486 Opened 14 years ago Closed 14 years ago

Need a better error message for add-on installation/update failures from servers with a not built-in ssl cert

Categories

(Toolkit :: Add-ons Manager, defect)

Product:
Toolkit
Component:
Add-ons Manager
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: whimboo, Unassigned)

Details

Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b8pre) Gecko/20101011 Firefox/4.0b8pre

If you are trying to install/update an add-on served from a https site which uses a self-signed or expired certificate, the error message we show right now, doesn't tell anything about the real cause why we can't install the extension:

"The add-on could not be downloaded because of a connection failure on %host%"

We should really inform the user that it's because of not trusted certificate.

Steps:
1. Open about:config and make sure extensions.install.requireBuiltInCerts is set to true or isn't listed.
2. Try to install https://mozilla.hskupin.info/acr.xpi
Dave, would that be too late for the 4.0 train?
Depends on: 435743
The error message seems reasonably valid, I'm not sure I'd even accept a fix for this bug after Firefox 4.

Why does this depend on bug 435743?
It doesn't really depend on bug 435743. It was the same kind of error before.

If it's something which is wontfix please mark it as such. IMO we have too many different situations which trigger this generic download failure error and which makes it hard to find the real cause.
No longer depends on: 435743
I don't think that needs exposed to the user though. Maybe something in the error log? We do that already for other cases where the (overly technical) message is helpful to a very small subset of people.
That would be fine too and would make sense.
What do we display in the error console currently? I thought there was further information in there already.
Checked that now, which I should have done immediately before filing this bug. Everything looks fine and we give the correct information:

*** WARN addons.xpi: Download failed: [Exception... "Certificate issuer is not built-in."  nsresult: "0x80004004 (NS_ERROR_ABORT)"  location: "JS frame :: resource://gre/modules/CertUtils.jsm :: checkCert :: line 92"  data: no]

I think we can close it as wontfix.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → WONTFIX
Keywords: uiwanted
You need to log in before you can comment on or make changes to this bug.