We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

חיפוש בתמיכה

יש להימנע מהונאות תמיכה. לעולם לא נבקש ממך להתקשר או לשלוח הודעת טקסט למספר טלפון או לשתף מידע אישי. נא לדווח על כל פעילות חשודה באמצעות באפשרות ״דיווח על שימוש לרעה״.

מידע נוסף

Trying to sign a page with an expired certificate, FF 20 allows me to select it and then shows the "401-Access is denied" message. How can I fix it?

  • 2 תגובות
  • 7 have this problem
  • 2 views
  • תגובה אחרונה מאת hecferme

more options

I am trying to sign an aspx page using an expired client certificate; when ff reads it, it says it is expired, but allows me to choose it as my credentials and tries to sign the page, failing with a 401 error, instead of showing me the sec_error_expired_certificate error that it is supposed to catch. In IE 10 the expired certificate is not even shown at all. The URL with an image of the expired certificate details that ff shows is https://docs.google.com/drawings/d/1lT9eaRWKKwRWz-N0KycJ9GZY0kh_vc6QJ96L-1mHT1U/edit?usp=sharing

The problem is that this exception is not redirecting to my aspx code, so I cannot catch the error. How can I fix this problem, advertising the user in a friendly way that the certificate is really expired?

Thanks a lot Hector

I am trying to sign an aspx page using an expired client certificate; when ff reads it, it says it is expired, but allows me to choose it as my credentials and tries to sign the page, failing with a 401 error, instead of showing me the sec_error_expired_certificate error that it is supposed to catch. In IE 10 the expired certificate is not even shown at all. The URL with an image of the expired certificate details that ff shows is https://docs.google.com/drawings/d/1lT9eaRWKKwRWz-N0KycJ9GZY0kh_vc6QJ96L-1mHT1U/edit?usp=sharing The problem is that this exception is not redirecting to my aspx code, so I cannot catch the error. How can I fix this problem, advertising the user in a friendly way that the certificate is really expired? Thanks a lot Hector

כל התגובות (2)

more options

Hello, Can you please confirm the following

1. You are setting up an expired certificate as the host certificate for your host (or) are you trying to sign an ASPX file with an expired certificate? 2. The webserver where you are hosting this ASPX (IIS I presume), has only certificate based authentication enabled - is that right? 3. You are seeing that when the user opens the website they are prompted that the certificate has expired, and even if they chose to move forward, they are not able to - is that the issue? 4. If (3) is not the issue and you want to be able to get access to the certificate-expiration error as part of the ASPX code, then that wouldn't be possible because the certificate validation would happen as part of the TLS connection negotiation

If you can please provide some more details, it will help.

Thank you

more options

hello, gnittala.

thanks for replying.

these are the answers for your questions.


1. we are not using an expired certificate as the host certificate. we are trying to access an aspx file configured in iis with request client certificate. the host certificate is ok (not expired).

2. no. it has just windows authentication. The client certificate is requested for a page that needs it for ssl.

3. no. the certificate appears expired in the firefox certificate dialog, but it lets me keep that certificate selected and continue. then, ff reports the access denied error.

4. we thought we could display a customized error in our code; however, according to your assertion, it is impossible.

thanks a lot.