[Bug 181893] Re: Adding a certificate exception for non-trusted HTTPS sites is very difficult
Having worked around bug 214468, I've looked at the new version that Senor Hubris pointed out. From the description: Problems with the current solution: 1. it requires installing epiphany-extensions, which many users need to add especially [NO LONGER TRUE] 2. it requires a lengthy sequence of steps [NO LONGER TRUE, although perhaps having to click on "Or you can add an exception…" and then "Add Exception" is still long] 3. it requires re-entering the URL [STILL TRUE] 4. the lengthy sequence of steps is not spelled out in the error dialog, which refers to 'advanced encryption settings', which does not appear in the menus [NO LONGER TRUE] I'll update the description accordingly. ** Description changed: Binary package hint: epiphany-browser SUMMARY - Epiphany does not have an easy way to add a trusted certificate for an https site. Users who visit https sites with self-signed or other default untrusted certificates will see a page that looks like this screenshot: http://launchpadlibrarian.net/12764861/epiphany.png - - Many legitimate websites including Free software sites such as - https://bugtrack.alsa-project.org/ and https://bugs.freedesktop.org/ - have certificates that are not trusted by default. Epiphany should have - a method approximately as easy as Firefox 3's handling to add - certificates. + Epiphany's handling of adding HTTPS certificates is not as streamlined as it could be. Presently users are presented with an error, and they then must click "Or you can add an exception…" then "Add exception..." then they must re-enter the URL with the problem, press "Get Certificate" and "Confirm Security Exception" Problems with the current solution: - 1. it requires installing epiphany-extensions, which many users need to add especially - 2. it requires a lengthy sequence of steps - 3. it requires re-entering the URL - 4. the lengthy sequence of steps is not spelled out in the error dialog, which refers to 'advanced encryption settings', which does not appear in the menus + 1. it requires a lengthy sequence of steps + 2. some of the steps look like doing the same thing twice "I want to add an exception"... "no, I really want to add an exception!" + 3. it requires re-entering the problematic URL. Not all users will really understand what this means. Some users will have clicked on a link to get to the page. They then have to copy the URL from the location bar, or realise that it can be selected for copy+paste, which is not entirely obvious. + + Early comments on this bug describe earlier handling, which was far more + obscure again. Please note, you do not need to report each non-working site individually in this bug. - - WORKAROUND - The current, lengthy, method of adding a certificate is: - - Preliminary (these only need to be done once): - 1. Install the epiphany-extensions package if you have not already - 2. If you had to install epiphany-extensions, restart epiphany - 3. Go to Tools -> Extensions and make sure 'Certificates' is ticked - - For every site with a problem: - 1. go to Tools -> Manage Certificates - 2. Press 'Add Exception' - 3. At 'Location', enter the URL of the site with the problem and press 'Get Certificate' - 4. Review the Certificate Status to make sure you're satisfied. - 5. Make sure 'Permanently store this exception' is ticked unless you want to do this every time you visit the site - 6. Press 'Confirm Security Exception' - - ORIGINAL DESCRIPTION: - If there is a link to a site that is https, but the remote site has, say, an SSL certificate where the CN in the cert does not match the hostname for the remote site, then clicking the link will result in no action being taken by epiphany. - - In the past when clicking on such a link a dialog window will popup - explaining the situation and asking you if you want to continue. No - such window now pops up and the browser does not continue to the linked- - to site. It simply does nothing. - - epiphany-gecko: 2.21.4-0ubuntu3 - epiphany-browser: 2.21.4-0ubuntu3 ** Summary changed: - Adding a certificate exception for non-trusted HTTPS sites is very difficult + Adding a certificate exception for non-trusted HTTPS sites is difficult -- Adding a certificate exception for non-trusted HTTPS sites is difficult https://bugs.launchpad.net/bugs/181893 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is a bug assignee. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [Bug 181893] Re: Adding a certificate exception for non-trusted HTTPS sites is very difficult
My complete inability to view any HTTPS site whatsoever (including valid certificates) without crashing Epiphany entirely has been filed as bug 214468. -- Adding a certificate exception for non-trusted HTTPS sites is very difficult https://bugs.launchpad.net/bugs/181893 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is a bug assignee. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [Bug 181893] Re: Adding a certificate exception for non-trusted HTTPS sites is very difficult
> With the most recent xulrunner and epiphany this is made easier. At the moment, with the following versions, Epiphany is much worse, not better: epiphany-browser: 2.22.1.1-0ubuntu1 epiphany-gecko: 2.22.1.1-0ubuntu1 xulrunner-1.9: 1.9~b5+nobinonly-0ubuntu1 epiphany-extensions: 2.22.0-0ubuntu1 epiphany-browser-dbg: 2.22.1.1-0ubuntu1 If I visit https://bugtrack.alsa-project.org/alsa-bug/ epiphany crashes entirely. I'll report it separately and add the bug number here. -- Adding a certificate exception for non-trusted HTTPS sites is very difficult https://bugs.launchpad.net/bugs/181893 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is a bug assignee. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 181893] Re: Adding a certificate exception for non-trusted HTTPS sites is very difficult
With the most recent xulrunner and epiphany this is made easier. Much like Firefox 3 you'll get a webpage that explains that you will need to explicitly set an exception for that site. It now presents you with a button that takes you to the Tools -> Manage Certificates / Servers / Add Exception window. The only thing it doesn't do is automatically fill in the Server Location field automatically. -- Adding a certificate exception for non-trusted HTTPS sites is very difficult https://bugs.launchpad.net/bugs/181893 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is a bug assignee. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 181893] Re: Adding a certificate exception for non-trusted HTTPS sites is very difficult
** Also affects: epiphany-extensions (Ubuntu) Importance: Undecided Status: New -- Adding a certificate exception for non-trusted HTTPS sites is very difficult https://bugs.launchpad.net/bugs/181893 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is a bug assignee. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 181893] Re: Adding a certificate exception for non-trusted HTTPS sites is very difficult
** Description changed: Binary package hint: epiphany-browser SUMMARY Epiphany does not have an easy way to add a trusted certificate for an https site. Users who visit https sites with self-signed or other default untrusted certificates will see a page that looks like this screenshot: http://launchpadlibrarian.net/12764861/epiphany.png Many legitimate websites including Free software sites such as https://bugtrack.alsa-project.org/ and https://bugs.freedesktop.org/ have certificates that are not trusted by default. Epiphany should have a method approximately as easy as Firefox 3's handling to add certificates. + + Problems with the current solution: + 1. it requires installing epiphany-extensions, which many users need to add especially + 2. it requires a lengthy sequence of steps + 3. it requires re-entering the URL + 4. the lengthy sequence of steps is not spelled out in the error dialog, which refers to 'advanced encryption settings', which does not appear in the menus Please note, you do not need to report each non-working site individually in this bug. WORKAROUND The current, lengthy, method of adding a certificate is: Preliminary (these only need to be done once): 1. Install the epiphany-extensions package if you have not already 2. If you had to install epiphany-extensions, restart epiphany 3. Go to Tools -> Extensions and make sure 'Certificates' is ticked For every site with a problem: 1. go to Tools -> Manage Certificates 2. Press 'Add Exception' 3. At 'Location', enter the URL of the site with the problem and press 'Get Certificate' 4. Review the Certificate Status to make sure you're satisfied. 5. Make sure 'Permanently store this exception' is ticked unless you want to do this every time you visit the site 6. Press 'Confirm Security Exception' ORIGINAL DESCRIPTION: If there is a link to a site that is https, but the remote site has, say, an SSL certificate where the CN in the cert does not match the hostname for the remote site, then clicking the link will result in no action being taken by epiphany. In the past when clicking on such a link a dialog window will popup explaining the situation and asking you if you want to continue. No such window now pops up and the browser does not continue to the linked- to site. It simply does nothing. epiphany-gecko: 2.21.4-0ubuntu3 epiphany-browser: 2.21.4-0ubuntu3 -- Adding a certificate exception for non-trusted HTTPS sites is very difficult https://bugs.launchpad.net/bugs/181893 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is a bug assignee. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
