Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

User Identification Request (Client Certificate) Is Not Remembered

  • 2 trả lời
  • 2 gặp vấn đề này
  • 7 lượt xem
  • Trả lời mới nhất được viết bởi andrew.roth

more options

Hello,

I use several websites that utilize mutual TLS authentication, also known as client certificate authentication. As a developer behind some of these websites, we will frequently launch and relaunch some of these sites to test different changes, so we don't usually bother with getting a properly signed certificate for the site. Developers must add a security exception for accessing the sites, which then prompt for user authentication using client certificates.

The problem I am encountering is that the "Remember this decision" checkbox on the "User Identification Request" does not seem to be working properly. There is one site which makes several connections when the page is first loaded and we have to click "Ok" on the "User Identification Request" about 10 times before the page fully loads. Other sites will randomly prompt for the request again when fetching data. The hostname and port do not change between requests.

I've tried replicating this behavior with a basic Apache httpd server setup with client authentication, but it doesn't seem to happen for the basic site. If this is happening due to a server configuration issue, I would like to know what it is that is causing it so that I can fix it. When using Chrome, this behavior does not happen.

Thank you!

Hello, I use several websites that utilize [https://en.wikipedia.org/wiki/Mutual_authentication mutual TLS authentication], also known as client certificate authentication. As a developer behind some of these websites, we will frequently launch and relaunch some of these sites to test different changes, so we don't usually bother with getting a properly signed certificate for the site. Developers must add a security exception for accessing the sites, which then prompt for user authentication using client certificates. The problem I am encountering is that the "Remember this decision" checkbox on the "User Identification Request" does not seem to be working properly. There is one site which makes several connections when the page is first loaded and we have to click "Ok" on the "User Identification Request" about 10 times before the page fully loads. Other sites will randomly prompt for the request again when fetching data. The hostname and port do not change between requests. I've tried replicating this behavior with a basic Apache httpd server setup with client authentication, but it doesn't seem to happen for the basic site. If this is happening due to a server configuration issue, I would like to know what it is that is causing it so that I can fix it. When using Chrome, this behavior does not happen. Thank you!
Đính kèm ảnh chụp màn hình

Tất cả các câu trả lời (2)

more options

Try to ask advice on a web development oriented forum.

more options

Hello,

Thank you for taking the time to respond. I have searched the MDN documentation and wasn't able to find anything related to client certificate authentication. Unfortunately, I don't believe this to be a web developer issue, but rather an issue with how Firefox is handling connection authentication using client certificates (i.e. mTLS). Chrome and other browsers don't seem to have this issue. Is there a way I can file a bug or open an issue for Firefox itself?

I'm happy to provide additional information on the connection, but not sure what to look for.

Thank you, Andrew

Được chỉnh sửa bởi andrew.roth vào