Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

firefox still trusts deleted certificate

  • 1 답장
  • 1 이 문제를 만남
  • 12 보기
  • 최종 답변자: James

more options

Basic Infomation

Firefox Version: 72.0.1

Operating System: Windows 10

Step to reproduce

  1. create a self-signed CA certificate and server certificate for localhost;
  2. create a server which serve https service with certificate and key above;
  3. request localhost, Firefox would warn that connection is not secure, which is ok;
  4. install CA certificate to Firefox certificates store and restart Firefox;
  5. request localhost again, and Firefox trusts server's certificate, ok;
  6. delete the self-signed root CA certificate we installed just now;
  7. restart Firefox, and request localhost, Firefox still treats connection as a secure connection.

Expectation

Firefox do not trust localhost server's certificate any more.

What I see instead

Firefox still trust a server certificate signed by a CA whose certificate is deleted from Firefox's trust authorities.


Is this a cache policy which works as expectation? I wonder if there is anything I did wrong, or do I have some misunderstanding about Firefox's certificate policy.# Numbered list item

'''Basic Infomation''' Firefox Version: 72.0.1 Operating System: Windows 10 '''Step to reproduce''' # create a self-signed CA certificate and server certificate for localhost; # create a server which serve https service with certificate and key above; # request localhost, Firefox would warn that connection is not secure, which is ok; # install CA certificate to Firefox certificates store and restart Firefox; # request localhost again, and Firefox trusts server's certificate, ok; # delete the self-signed root CA certificate we installed just now; # restart Firefox, and request localhost, Firefox still treats connection as a secure connection. '''Expectation''' Firefox do not trust localhost server's certificate any more. '''What I see instead''' Firefox still trust a server certificate signed by a CA whose certificate is deleted from Firefox's trust authorities. ----------------------------------------------------------------------- Is this a cache policy which works as expectation? I wonder if there is anything I did wrong, or do I have some misunderstanding about Firefox's certificate policy.# Numbered list item

글쓴이 James 수정일시

모든 댓글 (1)

more options

deleted

글쓴이 James 수정일시