搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

Learn More

selecting client cert automatically does not work

more options

If you have several client certs (from the same issuer) with different email addresses installed, Firefox always takes the one with the lowest serial number. Firefox lacks the capability to store information which client cert to use for a web site. Other browsers can do this by selecting the certificate the first time it is requested and remembering the choice. Firefox's 'ask every time' option only caches for the session. So how do I solve this?

If you have several client certs (from the same issuer) with different email addresses installed, Firefox always takes the one with the lowest serial number. Firefox lacks the capability to store information which client cert to use for a web site. Other browsers can do this by selecting the certificate the first time it is requested and remembering the choice. Firefox's 'ask every time' option only caches for the session. So how do I solve this?

所有回覆 (6)

more options

Hi, This is probably to protect your security. At Mozilla, we pride our selves at being one of the most security conscious browsers.

more options

What do you mean by 'probably'? This is just an excuse for a lack of functionality.

What is the difference in picking one automatically vs. having a lookup table? There is no security issue here unless you screw up the implementation.

由 Helmut K. C. Tessarek 於 修改

more options

Hi, I'll quite happily file a feature request on your behalf. Please remember I am a volunteer, and I don't know everything about Firefox. Please feel free to file a feature request on our bug tracking system. If you'd rather, I'll happily file on your behalf, with your permission.

more options

Thanks, I've already opened a bug report ( https://bugzilla.mozilla.org/show_bug.cgi?id=753017 ). This is actually a bug and not a feature request, because FF picks the one with the lowest SN, if there are more than just one. I don't think they will work on it though. I saw a report from 2001 where someone posted in 2006 that he will add this and that to the client cert component. If this had been done, my problem would not have happened in the first place.

由 Helmut K. C. Tessarek 於 修改

more options

Sorry for late reply, I can moan if they won't help you

more options

Yes, please.

I haven't received anything yet. Nobody even looked at it. If you can do something, please do.