[Bug 181893] Re: clicking on an https link when the remote site has invalid credentials does not work

Mary Gardiner mary at puzzling.org
Fri Apr 4 23:26:26 UTC 2008


** Description changed:

  Binary package hint: epiphany-browser
  
- If there is a link to a site that is https, but the remote site has,
- say, an SSL certificate where the CN in the cert does not match the
- hostname for the remote site, then clicking the link will result in no
- action being taken by epiphany.
+ SUMMARY
+ Epiphany does not have an easy way to add a trusted certificate for an https site. Users who visit https sites with self-signed or other default untrusted certificates will see a page that looks like this screenshot: http://launchpadlibrarian.net/12764861/epiphany.png
+ 
+ Many legitimate websites including Free software sites such as
+ https://bugtrack.alsa-project.org/ and https://bugs.freedesktop.org/
+ have certificates that are not trusted by default. Epiphany should have
+ a method approximately as easy as Firefox 3's handling to add
+ certificates.
+ 
+ Please note, you do not need to report each non-working site
+ individually in this bug.
+ 
+ WORKAROUND
+ The current, lengthy, method of adding a certificate is:
+ 
+ Preliminary (these only need to be done once):
+ 1. Install the ephiphany-extensions package if you have not already
+ 2. If you had to install epiphany-extensions, restart epiphany
+ 3. Go to Tools -> Extensions and make sure 'Certificates' is ticked
+ 
+ For every site with a problem:
+ 1. go to Tools -> Manage Certificates
+ 2. Press 'Add Exception'
+ 3. At 'Location', enter the URL of the site with the problem and press 'Get Certificate'
+ 4. Review the Certificate Status to make sure you're satisfied.
+ 5. Make sure 'Permanently store this exception' is ticked unless you want to do this every time you visit the site
+ 6. Press 'Confirm Security Exception'
+ 
+ ORIGINAL DESCRIPTION:
+ If there is a link to a site that is https, but the remote site has, say, an SSL certificate where the CN in the cert does not match the hostname for the remote site, then clicking the link will result in no action being taken by epiphany.  
  
  In the past when clicking on such a link a dialog window will popup
  explaining the situation and asking you if you want to continue.   No
  such window now pops up and the browser does not continue to the linked-
  to site.  It simply does nothing.
  
  epiphany-gecko: 2.21.4-0ubuntu3
  epiphany-browser: 2.21.4-0ubuntu3

** Summary changed:

- clicking on an https link when the remote site has invalid credentials does not work
+ Adding a certificate exception for non-trusted HTTPS sites is very difficult

** Description changed:

  Binary package hint: epiphany-browser
  
  SUMMARY
  Epiphany does not have an easy way to add a trusted certificate for an https site. Users who visit https sites with self-signed or other default untrusted certificates will see a page that looks like this screenshot: http://launchpadlibrarian.net/12764861/epiphany.png
  
  Many legitimate websites including Free software sites such as
  https://bugtrack.alsa-project.org/ and https://bugs.freedesktop.org/
  have certificates that are not trusted by default. Epiphany should have
  a method approximately as easy as Firefox 3's handling to add
  certificates.
  
  Please note, you do not need to report each non-working site
  individually in this bug.
  
  WORKAROUND
  The current, lengthy, method of adding a certificate is:
  
  Preliminary (these only need to be done once):
- 1. Install the ephiphany-extensions package if you have not already
+ 1. Install the epiphany-extensions package if you have not already
  2. If you had to install epiphany-extensions, restart epiphany
  3. Go to Tools -> Extensions and make sure 'Certificates' is ticked
  
  For every site with a problem:
  1. go to Tools -> Manage Certificates
  2. Press 'Add Exception'
  3. At 'Location', enter the URL of the site with the problem and press 'Get Certificate'
  4. Review the Certificate Status to make sure you're satisfied.
  5. Make sure 'Permanently store this exception' is ticked unless you want to do this every time you visit the site
  6. Press 'Confirm Security Exception'
  
  ORIGINAL DESCRIPTION:
  If there is a link to a site that is https, but the remote site has, say, an SSL certificate where the CN in the cert does not match the hostname for the remote site, then clicking the link will result in no action being taken by epiphany.  
  
  In the past when clicking on such a link a dialog window will popup
  explaining the situation and asking you if you want to continue.   No
  such window now pops up and the browser does not continue to the linked-
  to site.  It simply does nothing.
  
  epiphany-gecko: 2.21.4-0ubuntu3
  epiphany-browser: 2.21.4-0ubuntu3

-- 
Adding a certificate exception for non-trusted HTTPS sites is very difficult
https://bugs.launchpad.net/bugs/181893
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to xulrunner-1.9 in ubuntu.




More information about the Ubuntu-mozillateam-bugs mailing list