Closed
Bug 823342
Opened 12 years ago
Closed 12 years ago
Cannot import self-signed certificate from server
Categories
(Core Graveyard :: Security: UI, defect)
Tracking
(firefox20+ fixed)
RESOLVED
FIXED
mozilla20
People
(Reporter: iannbugzilla, Assigned: jdm)
References
Details
(Keywords: regression)
Attachments
(1 file)
|
1.22 KB,
patch
|
briansmith
:
review+
|
Details | Diff | Splinter Review |
Somewhere between 17 and 20 this has broken. STR 1. On a mail server generate a self-signed certificate (RSA 2048) and use it for SSL. 2. On client computer point at the mail server with SSL. 3. Prompted to import certificate. Actual results 1/ Certificate is not retrieved. 2/ "Confirm Security Exception" button is disabled. Expected results 1/ Certificate is retrieved. 2/ Can add a security exception. Using openssl s_client from the client computer shows the certificate can be successfully retrieved.
2012-12-03-00-30-11 works 2012-12-11-00-30-44 works 2012-12-13-00-30-11 fails 2012-12-15-00-30-13 fails Unfortunately there are no linux builds from 2012-12-12 to test. http://hg.mozilla.org/mozilla-central/pushloghtml?startdate=2012-12-11+00%3A30%3A44&enddate=2012-12-13+00%3A30%3A11 Maybe something to do with bug 769288 ? Message in error console: Timestamp: 20/12/12 02:14:27 Error: Attempted to connect to a site with a bad certificate in the add exception dialog. This results in a (mostly harmless) exception being thrown. Logged for information purposes only: [Exception... "Establishing a connection to an unsafe or otherwise banned port was prohibited" nsresult: "0x804b0013 (NS_ERROR_PORT_ACCESS_NOT_ALLOWED)" location: "JS frame :: chrome://pippki/content/exceptionDialog.js :: checkCert :: line 140" data: no] Source File: chrome://pippki/content/exceptionDialog.js Line: 148
(In reply to Ian Neal from comment #2) > 2012-12-03-00-30-11 works > 2012-12-11-00-30-44 works > 2012-12-13-00-30-11 works > 2012-12-15-00-30-13 fails Sorry, typo.
Depends on: 769288
|
Assignee | |
Comment 4•12 years ago
|
||
Ack, here's the problem: http://mxr.mozilla.org/mozilla-central/source/security/manager/pki/resources/content/exceptionDialog.js#95 getRecentBadCertsService was renamed getRecentBadCerts in one of the revisions. This file should be updated.
|
|
Assignee | |
Updated•12 years ago
|
tracking-firefox20:
--- → ?
Component: Security → Security: UI
Keywords: regressionwindow-wanted
Product: MailNews Core → Core
|
||
Updated•12 years ago
|
|
||
Comment 5•12 years ago
|
||
I just ran into this under Thunderbird. I bisected Thunderbird nightly builds and found that the problem was introduced between the 2012-12-13 and 2012-12-14 builds. From the comments above, it looks like you already know what's wrong, but I thought I'd mention this just in case it's useful.
|
|
Assignee | |
Comment 6•12 years ago
|
||
Attachment #694420 -
Flags: review?(bsmith)
|
|
||
Comment 7•12 years ago
|
||
Comment on attachment 694420 [details] [diff] [review] Update reference to renamed getRecentBadCertsService method. Review of attachment 694420 [details] [diff] [review]: ----------------------------------------------------------------- ty.
Attachment #694420 -
Flags: review?(bsmith) → review+
|
|
Assignee | |
Comment 8•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/0e08a2cc3b07
|
||
Comment 9•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/0e08a2cc3b07
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla20
|
||
Updated•11 years ago
|
status-firefox20:
--- → fixed
|
||
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•