Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

ძიება მხარდაჭერაში

ნუ გაებმებით თაღლითების მახეში მხარდაჭერის საიტზე. აქ არასდროს მოგთხოვენ სატელეფონო ნომერზე დარეკვას, შეტყობინების გამოგზავნას ან პირადი მონაცემების გაზიარებას. გთხოვთ, გვაცნობოთ რამე საეჭვოს შემჩნევისას „დარღვევაზე მოხსენების“ მეშვეობით.

ვრცლად

firefox still trusts deleted certificate

  • 1 პასუხი
  • 1 მომხმარებელი წააწყდა მსგავს სიძნელეს
  • 12 ნახვა
  • ბოლოს გამოეხმაურა James

Basic Infomation

Firefox Version: 72.0.1

Operating System: Windows 10

Step to reproduce

  1. create a self-signed CA certificate and server certificate for localhost;
  2. create a server which serve https service with certificate and key above;
  3. request localhost, Firefox would warn that connection is not secure, which is ok;
  4. install CA certificate to Firefox certificates store and restart Firefox;
  5. request localhost again, and Firefox trusts server's certificate, ok;
  6. delete the self-signed root CA certificate we installed just now;
  7. restart Firefox, and request localhost, Firefox still treats connection as a secure connection.

Expectation

Firefox do not trust localhost server's certificate any more.

What I see instead

Firefox still trust a server certificate signed by a CA whose certificate is deleted from Firefox's trust authorities.


Is this a cache policy which works as expectation? I wonder if there is anything I did wrong, or do I have some misunderstanding about Firefox's certificate policy.# Numbered list item

'''Basic Infomation''' Firefox Version: 72.0.1 Operating System: Windows 10 '''Step to reproduce''' # create a self-signed CA certificate and server certificate for localhost; # create a server which serve https service with certificate and key above; # request localhost, Firefox would warn that connection is not secure, which is ok; # install CA certificate to Firefox certificates store and restart Firefox; # request localhost again, and Firefox trusts server's certificate, ok; # delete the self-signed root CA certificate we installed just now; # restart Firefox, and request localhost, Firefox still treats connection as a secure connection. '''Expectation''' Firefox do not trust localhost server's certificate any more. '''What I see instead''' Firefox still trust a server certificate signed by a CA whose certificate is deleted from Firefox's trust authorities. ----------------------------------------------------------------------- Is this a cache policy which works as expectation? I wonder if there is anything I did wrong, or do I have some misunderstanding about Firefox's certificate policy.# Numbered list item

ჩასწორების თარიღი: , ავტორი: James

ყველა პასუხი (1)

deleted

ჩასწორების თარიღი: , ავტორი: James