Closed Bug 661121 Opened 13 years ago Closed 12 years ago

Update security tests to use SSL certs from mozqa.com

Categories

(Mozilla QA Graveyard :: Mozmill Tests, defect)

Product:
Mozilla QA Graveyard
Component:
Mozmill Tests
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: whimboo, Unassigned)

References

Details

Anthony, can you please update the Mozmill tests which test for self-signed SSL certificates? Based on bug 639939 we now have our own page at https://ssl-selfsigned.mozqa.com/.

Thanks.
A Pivotal Tracker story has been created for this Bug: https://www.pivotaltracker.com/story/show/14048057
As far as I can tell, none of our security tests use "self-signed" certificates. All of our security tests were changed a while back to use our own websites (ie. mail.mozilla.org and addons.mozilla.org). 

The only case where we might have used a self-signed cert in the past was when we were using verisign.com. However, this is no longer the case. Also, we were not using verisign.com to specifically test self-signed tests. We have no such test.
Then simply morph the summary and use it for all the other tests we have which make use of DV, OV, or any other cert which we will have on mozqa.com soonish. 

Al, can you please add all those SSL bugs for mozqa.com as dependencies to this bug? Thanks.
Done.
Depends on: 639936, 639932
Summary: Update security tests to use expired SSL cert from mozqa.com → Update security tests to use SSL certs from mozqa.com
Anthony, can you please check what else we need or do we now cover each type of invalid certificate?
I'm still trying to figure out how to get an expired cert that isn't self-signed.
Let me reach out to the Security team. Someone like Sid Stamm would be able to provide some expertise on this effort.
Talked with Al about it in our 1-1 and he will reach out to Gerv and check if we could get such a cert via StartSSL.
Anthony, would you like to contribute such a patch soon? We currently have failing tests and we kinda would like to solve those.
Blocks: 760411
I'm very much preoccupied with Firefox 13 and 10.0.5ESR release QA coordination. I probably won't have a chance to even think about this until mid to late next week. If something is needed in a shorter timeframe, someone else should pick this up.

Apologies for not looking into this sooner.
Vlad, can one of your team have a look at this bug?
Assignee: anthony.s.hughes → nobody
Blocks: 760374
(In reply to Henrik Skupin (:whimboo) from comment #11)
> Vlad, can one of your team have a look at this bug?

Assigning to Alex
Assignee: nobody → alex.lakatos
Depends on: 768358
FYI guys, please remember that bug 768358 contains a patch which will modify testBlueLarry.js to use one of the ssl-dv certs from mozqa.com, so do not include that in this patch. Thanks!
No longer blocks: 763159
I don't think there is anything else we have to work on here. All dependencies have been fixed.
Assignee: alex.lakatos → nobody
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Product: Mozilla QA → Mozilla QA Graveyard
You need to log in before you can comment on or make changes to this bug.