User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131030 Firefox/17.0 Iceweasel/17.0.10 (Nightly/Aurora) Build ID: 20131030041028 Steps to reproduce: When I go to my self-hosted website with a self-hosted certificate, I got a page "security warning… add a permanent exception", as expectd. But while on Firefox desktop, I can check the fingerprint before clicking on "add a permanent exception", on Firefox Android, there is no fingerprint displayed, so I can't know at all if I can trust it at all (to avoid MITM during the first connection). Actual results: No fingerprint is displayed anywhere. Expected results: It should show a fingerprint to be sure this is the right certificate.
Summary: Option to show self-signed certificate fingerprint → No option to show self-signed certificate fingerprint
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Linux → Android
Hardware: x86_64 → ARM
Version: Firefox 26 → Trunk
I would complete this bug/request : Firefox Android should show every information common information of the certificate, including the certification chain. Users may have self-signed certificates, but they an also have their personal certificate authority.
I think it should be possible to show the HTTPS SSL certificate always when an HTTPS URL is opened. Not just when there's the need to add an exception. Even the stupid standard Android stock browser gives the possibility, to tap on the website icon on the upper left and show the certificate informations (including fingerprint) always when an HTTPS URL is opened. (tested on Android 4.4) At least this should be possible on Firefox-for-Android too! Additionally there should be a possibility to remove certificate-exceptions afterwards. See bug #795767 for details.
I think, this is an important bug. Are there any news?
Summary: No option to show self-signed certificate fingerprint → No option to show certificate fingerprint
I believe the visibility of SSL certificate information is more important on mobile devices and needs to be included as a display option to provide the user the ability to validate that information prior to visiting the site or adding an exception.
(In reply to Chuck from comment #6) > I believe the visibility of SSL certificate information is more important on > mobile devices and needs to be included as a display option to provide the > user the ability to validate that information prior to visiting the site or > adding an exception. This is so true. Also Google say Mobile is more used than Desktop for surfing the web. Mobile will be more attacked by hacker and phishing and all information about SSL should be showed not hidden as in Firefox for Mobile. This is very important to fix, implement asap.
Today seems a security issue report will be not fixed https://bugzilla.mozilla.org/show_bug.cgi?id=1332714 and in Firefox mobile still be not possibile check the certificate of a website... this is another security issue not fixed yet and reported 3 years ago... still be unassigned and unfixed...
This can now be viewed in 62+ using https://addons.mozilla.org/en-US/firefox/addon/certainly-something/
You need to log in before you can comment on or make changes to this bug.