Mozilla Destek’te Ara

Destek dolandırıcılığından kaçının. Mozilla sizden asla bir telefon numarasını aramanızı, mesaj göndermenizi veya kişisel bilgilerinizi paylaşmanızı istemez. Şüpheli durumları “Kötüye kullanım bildir” seçeneğini kullanarak bildirebilirsiniz.

Daha Fazlasını Öğren

firefox still trusts deleted certificate

  • 1 yanıt
  • 1 kişi bu sorunu yaşıyor
  • 12 gösterim
  • Son yanıtı yazan: James

more options

Basic Infomation

Firefox Version: 72.0.1

Operating System: Windows 10

Step to reproduce

  1. create a self-signed CA certificate and server certificate for localhost;
  2. create a server which serve https service with certificate and key above;
  3. request localhost, Firefox would warn that connection is not secure, which is ok;
  4. install CA certificate to Firefox certificates store and restart Firefox;
  5. request localhost again, and Firefox trusts server's certificate, ok;
  6. delete the self-signed root CA certificate we installed just now;
  7. restart Firefox, and request localhost, Firefox still treats connection as a secure connection.

Expectation

Firefox do not trust localhost server's certificate any more.

What I see instead

Firefox still trust a server certificate signed by a CA whose certificate is deleted from Firefox's trust authorities.


Is this a cache policy which works as expectation? I wonder if there is anything I did wrong, or do I have some misunderstanding about Firefox's certificate policy.# Numbered list item

'''Basic Infomation''' Firefox Version: 72.0.1 Operating System: Windows 10 '''Step to reproduce''' # create a self-signed CA certificate and server certificate for localhost; # create a server which serve https service with certificate and key above; # request localhost, Firefox would warn that connection is not secure, which is ok; # install CA certificate to Firefox certificates store and restart Firefox; # request localhost again, and Firefox trusts server's certificate, ok; # delete the self-signed root CA certificate we installed just now; # restart Firefox, and request localhost, Firefox still treats connection as a secure connection. '''Expectation''' Firefox do not trust localhost server's certificate any more. '''What I see instead''' Firefox still trust a server certificate signed by a CA whose certificate is deleted from Firefox's trust authorities. ----------------------------------------------------------------------- Is this a cache policy which works as expectation? I wonder if there is anything I did wrong, or do I have some misunderstanding about Firefox's certificate policy.# Numbered list item

James tarafından tarihinde düzenlendi

Tüm Yanıtlar (1)

more options

deleted

James tarafından tarihinde düzenlendi