Closed Bug 99610 Opened 23 years ago Closed 23 years ago

SSL-client auth broken for SSL/SMTP

Categories

(Core Graveyard :: Security: UI, defect, P1)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
x86
Windows 2000
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED WORKSFORME
Milestone:
psm2.2

People

(Reporter: lord, Assigned: ssaux)

Details

Attachments

(3 files)

missing smart card
14.37 KB, image/gif
Details
asking for my ldap password
7.12 KB, image/gif
Details
double error message
5.56 KB, image/gif
Details
One two occasions I've had the following problem with SSL/SMTP. Setup: -My primary AOL cert is on my smartcard. -I have a "sectest" cert on the internal token. -Manual cert select -Win2K Although I've sent email in the past (by selecting my cert and typing my key3.db password), the client re-prompts me to select a cert. Instead of asking me to select between the sectest cert and the real AOL cert, the client only gives me the option to select the sectest cert. It doesn't see the smart card anymore! I select the sectest cert. The client then asks me for my nsmail-1 username and password, which tells me the server does not like the sectest cert. I type it in, and I get an error. I'll attach some screenshots.
Attached image missing smart card
Attached image double error message
target 2.2 P1
Priority: -- → P1
Target Milestone: --- → 2.2
I'm wondering if this problem is tied to my occasional use of Communicator to read encrypted emails.
it's true that there's no guarantee that the hardware token drivers behave gracefully with several process accessing them.
QA Contact: bsharma → junruh
Using today build: 2001-10-08-05-0.9.4, It seems that I am able to send the message with SSL turn on w/o a smartcard, but the client still re-prompt me to select the cert if I haven't login to the mail server yet (eg. Sending mail via SMAPI with no mozilla mail client running): Setup: - My AOL cert on the internal token. - "Sectest" cert on the internal token. - Manual cert select - "Always use SSL" on Outgoing mail server - Windows NT 4.0 - Dredd (NMS 4.15) mail server Step to reproduce: 1) Compose and send a message 2) "User Identification Request" dialog popup to ask me to choose a cert 3) Select a cert (my primary AOL cert) 4) Enter the master password for security device 5) "User Identification Request" dialog popup again (should not be) 6) Select the same cert, and the mail is delivered with no errors If I have already login to the mail server (either via plain text or client cert auth), the cert dialog will not popup again.
Antonio: The fact that you get to pick the cert twice is normal: You choose it once for the SMTP/SSL, and once when send message attempts to copy the message to the IMAP server. There are two servers and two cert picker. What you're describing isn't IMO a bug. Bob's issue was different, and may or may not still be reproducible.
Am having trouble sending email over SMTP with SSL. Outgoing SMTP mail server is different to the incoming IMAP server. Server is franklin.tsf.org.za. Works fine with Communicator 4.79. Requires client auth. Don't see any cert selection box. Mozilla is set to 'ask every time' under Edit->Preferences->Privacy&Security->Certificates.
Marking works for me. I cannot reproduce the original bug.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
Verified.
Status: RESOLVED → VERIFIED
Product: PSM → Core
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: