WebPirate icon indicating copy to clipboard operation
WebPirate copied to clipboard

Published 20 hours ago verified publisher icon Dax89

Accept certificate for X happens too often and contains no useful information

Open Mikaela opened this issue 9 years ago • 1 comments

Some examples where I get the question:

  • https://openwireless.org/
  • https://kauppa.saunalahti.fi/ (shop for one Finnish carrier)
  • https://slashdot.org/
  • and a lot more.

Either I am MITMed a lot which seems very unlikely or there is a bug in Harbour Webpirate.

In case I am MITMed, there is nothing to proof that as I am just asked yes/no.

What would make it more useful would be at least:

  • Issued to
    • Common Name
    • Organization
    • Organization Unit
  • Issuer
    • Common Name
    • Organization
    • Organization unit
  • Date of granting
  • Date of expiring
  • SHA-512 fingerprint
  • SHA-256 fingerprint

This is what Chrome/Chromium also shows with the exception of it showing SHA-1 (which is deprecated) instead of SHA-512.

Mikaela avatar Nov 29 '15 09:11 Mikaela

The main problem basically is that the qtwebkit engine in SailfishOS is either built against an older openssl version or openssl is outdated. Nevertheless the certificate list is outdated which causes those certificate popups.
The problem for us developers is that we only get a failed ssl authentication dialog method to deal with it. So no why or who or when.
Its simply impossible to know what failed or what certificate it is thats asking for permission.
This is a limitation in upstreams qml api for qtwebkit.

I am not sure if its possible to find a solution for this.

llelectronics avatar Nov 29 '15 10:11 llelectronics