An error is received when loading a website with a smart card installed certificate
Categories
(Core :: Security: PSM, defect)
Tracking
()
People
(Reporter: cbaica, Unassigned)
Details
(Keywords: regressionwindow-wanted, Whiteboard: [enterprise])
Preconditions
- Hardware USB smart card with pre-installed client cert
- Machine with OpenSC installed
OpenSC install kit from here.
Tutorial to install OpenSC here.
Affected versions
- Fx71.0b10
- Fx72.0a1
Affected platforms
- Windows 10
- macOS 10.13
- Ubuntu 18.04
- Windows 7
Steps to reproduce
- Launch Firefox.
- Navigate to about:preferences > Privacy & Security > Security Devices > Load and browse to "opensc-pkcs11.so".
- Navigate to https://badssl.com
- Scroll down to the 'Client Certificate' section and click on 'Client'.
- Input the password.
Expected result
- A green page is loaded (successful website load).
Actual result
- A '400 BAD REQUEST' error is received.
Regression range
- Will come back with a regression range ASAP.
Additional notes
- Should we be using OpenSC PKCS#12 or the wiki suggested one PKCS#11?
Reporter | ||
Updated•4 years ago
|
Reporter | ||
Updated•4 years ago
|
Updated•4 years ago
|
Comment 1•4 years ago
|
||
The priority flag is not set for this bug.
:wleung, could you have a look please?
For more information, please visit auto_nag documentation.
Comment 2•4 years ago
|
||
Feels more like PSM to me
Have you determined the regression range?
Reporter | ||
Comment 4•4 years ago
|
||
I've tried a regression range and went back as far as Fx59.0a1 with the issue still being reproducible, but this shouldn't have happened because I remember running the exact same tests in Fx60 'bracket' (between Fx60 and Fx69) and everything was fine.
My best guess here is, that something was changed in the website rather than in Firefox, because the yubikey is correctly installed and the password is correctly required when trying to access the 'Client' sub-section.
Sounds like this isn't an issue in Firefox, then.
Description
•