Closed Bug 902463 Opened 11 years ago Closed 8 years ago

This Connection is Untrusted message on facebook apps using clean profile

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Platform:
All
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: bmaris, Unassigned)

Details

Attachments

(1 file)

Image showing the issue
94.68 KB, image/jpeg
Details
Attached image Image showing the issue 
Reproducible on the Firefox 24 Beta 1 (BuildID: 20130806170643):
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
Reproducible on the latest Aurora (BuildID: 20130805004006):
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20130805 Firefox/24.0
Reproducible on the latest Nightly (BuildID: 20130806030203): 
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:26.0) Gecko/20100101 Firefox/26.0

Steps to reproduce:
1. Start Firefox with a fresh new profile.
2. Load https://apps.facebook.com/pyramidsolitairesaga/

Expected results: The sign-in form appears and after login the game is loaded.

Actual results: "This Connection is Untrusted" message appears and only "Get me out of here!" action can be made.

Notes:
1. This issue is reproduces back to Firefox 12.0.
2. Screenshot attached showing the issue.
no repro, OS X 10.8.4, Firefox 26 (nightly)

I think this is operating as designed though give the urls shown in the message, If you open "technical details" what information is given there?
Flags: needinfo?(bogdan.maris)
I tested on other machines here in the office and I get this only on Windows 7.

If I open technical details I get this:
"pyramid.king.com uses an invalid security certificate.
The certificate is not trusted because no issuer chain was provided.
(Error code: sec_error_unknown_issuer)"
Flags: needinfo?(bogdan.maris)
QA Contact: bogdan.maris
Another report:

"Seamonkey in Win 7 won't load the same sites it loaded in XP"
http://forums.mozillazine.org/viewtopic.php?f=5&t=2784785

In this case, XP loads the site, no questions, where Win7 gives you the "This Connection is Untrusted" dialog.
I wonder if Bug 765924 - Don't show additional SSL errors when showing sec_error_unknown_issuer is the issue?
Hi Bogdan,

Is this still an issue?

AFAICT, https://pyramid.king.com is configured fine now.

I suspect that you ran into issues previously because pyramid.king.com didn't send the necessary intermediate cert, and that on some machines you tested, the profile you were using happened to have the correct intermediate already cached, hence masking the issue.
Flags: needinfo?(bogdan.maris)
(In reply to :Cykesiopka from comment #5)
> Hi Bogdan,
> 
> Is this still an issue?
> 
> AFAICT, https://pyramid.king.com is configured fine now.
> 
> I suspect that you ran into issues previously because pyramid.king.com
> didn't send the necessary intermediate cert, and that on some machines you
> tested, the profile you were using happened to have the correct intermediate
> already cached, hence masking the issue.

I can't reproduce this anymore using latest Nightly 47.0a1.
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(bogdan.maris)
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: