| Summary: | Firefox don't remember self signed certificate exception. | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Marc Mascré <marc> |
| Component: | RPM Packages | Assignee: | All Packagers <pkg-bugs> |
| Status: | UNCONFIRMED --- | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, lewyssmith, mageia |
| Version: | 8 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | firefox-78.13.0-1.mga8.src.rpm | CVE: | |
| Status comment: | |||
|
Description
Marc Mascré
2021-08-24 15:50:04 CEST
You did not say which version of firefox gave you the problem; I have inserted the latest issued one 'firefox-78.13', which may not be your case. Please say whether this problem has appeared after a recent update (from what to what); whether it did not happen with earlier versions; or whether you have had it always with Mageia 8. That sort of thing: is it a problem long present, or one that has just appeared? Source RPM:
(none) =>
firefox-78.13.0-1.mga8.src.rpm sorry for the lack of precision. This problem appears during mageia 7 with the first version of firefox 78 if I can remember well. And I had this problem from the beginning of mageia 8. I read somewhere that the problem was due to firefox 78 esr. So I decided to wait for the next version. But when I saw that the 91 esr still have problem, I decide to ask some help. Thank you for the clarification. Assigning initially to DavidW: you are probably the best person to comment on the problem, which looks an upstream thing that we cannot do anything about. Assignee:
bugsquad =>
luigiwalser Yes, Marc will need to report this upstream. A workaround would be to run your own CA. Assignee:
luigiwalser =>
pkg-bugs I do this, and it is working for me, using firefox-78.13.0-1.mga8.
When I first access the https server running on my local network, Firefox displays the security warning. Clicking on "Advanced" and then "Accept the risks and continue" causes my self-signed certificate to be automatically and permanently added as both an Authority and a Server in the Firefox Certificate Manager - I don't need to add them manually.
Maybe it is something different about the way you generate your self-signed certificate. I use the following script. Change FQDN to the fully qualified domain name of your server - all the other answers can be anything you like.
#!/bin/sh
umask 077
answers() {
echo Country
echo County
echo Town
echo Organisation
echo Unit
echo FQDN
echo root@FQDN
}
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX`
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX`
trap "rm -f $PEM1 $PEM2" SIGINT
answers | /usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 3650 -out $PEM2 2> /dev/null
cat $PEM1 > selfsigned-priv.pem
cat $PEM2 > selfsigned-cert.pem
rm -f $PEM1 $PEM2CC:
(none) =>
mageia Any chance firefox has previously been run as root after using just su to become root? https://wiki.mageia.org/en/Never_use_just_su CC:
(none) =>
davidwhodgins I have done some tests. With a windows and firefox 91.0.2 it work With Ubuntu and firefox 85.0.1 (before update) and 91.0.2 (after update) It work. (I have test a quick installation of ubuntu in virtualbox to check) I ask myself if my configuration folder of firefox is not too old. It come from mageia 5 or 6 and the problem is appear with a new version of firefox. So I remove /home/user/.mozilla/ and let firefox create a new one. I add mozilla account to recover bookmarks, configuration, passwords ... And try again, but the problem is still here. I don't know if report this upstream is useful if I can't reproduce the problem on others distribution. Many time ago, I had talk about that on the French mailing list of mageia and at least one other user had the problem. Someone here had the problem too ? @Dave Hodgins : sincerely, I don't thinks so. But how check to be sure ? Is remove /home/user/.mozilla/ enough ? |