[Bug 957823] New: firefox does not use company certificates
http://bugzilla.suse.com/show_bug.cgi?id=957823 Bug ID: 957823 Summary: firefox does not use company certificates Classification: openSUSE Product: openSUSE Tumbleweed Version: 2015* Hardware: x86-64 OS: Linux Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: ohering@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- fresh current TW, xfce Installing the various ca-certificates-* from internal SUSE:CA repo, then running "firefox build.suse.de/imap.suse.de" will complain about untrusted connection. I see the SUSE_Trust_Root.pem in /etc/ssl/certs/. Is that supposed to be enough for firefox to use these company certificates? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=957823
Olaf Hering
http://bugzilla.suse.com/show_bug.cgi?id=957823
Olaf Hering
http://bugzilla.suse.com/show_bug.cgi?id=957823
http://bugzilla.suse.com/show_bug.cgi?id=957823#c1
Andreas Stieger
http://bugzilla.suse.com/show_bug.cgi?id=957823
Andreas Stieger
http://bugzilla.suse.com/show_bug.cgi?id=957823
Andreas Stieger
http://bugzilla.suse.com/show_bug.cgi?id=957823
http://bugzilla.suse.com/show_bug.cgi?id=957823#c3
--- Comment #3 from Wolfgang Rosenauer
http://bugzilla.suse.com/show_bug.cgi?id=957823
http://bugzilla.suse.com/show_bug.cgi?id=957823#c4
--- Comment #4 from Olaf Hering
Seems that the package p11-kit-nss-trust can be used to achieve this nevertheless.
Yes, thats true. Is there any pitfall with it, p11-kit-nss-trust instead of mozilla-nss-certs? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=957823
http://bugzilla.suse.com/show_bug.cgi?id=957823#c5
--- Comment #5 from Olaf Hering
(In reply to Wolfgang Rosenauer from comment #3)
Seems that the package p11-kit-nss-trust can be used to achieve this nevertheless.
Yes, thats true. Is there any pitfall with it, p11-kit-nss-trust instead of mozilla-nss-certs?
http://lmgtfy.com/?q=%22Certificate+issuer+is+not+built-in.%22 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=957823
http://bugzilla.suse.com/show_bug.cgi?id=957823#c6
Olaf Hering
http://bugzilla.suse.com/show_bug.cgi?id=957823
Andreas Stieger
http://bugzilla.suse.com/show_bug.cgi?id=957823
Marcus Meissner
https://bugzilla.suse.com/show_bug.cgi?id=957823
Frederic Crozat
https://bugzilla.suse.com/show_bug.cgi?id=957823
Frederic Crozat
participants (2)
-
bugzilla_noreply@novell.com
-
bugzilla_noreply@suse.com