[Bug 187341] Re: default ssl certificate is invalid
This bug was last touched in 2008. Current CUPS 1.5.0 connects via http://127.0.0.1:631 just fine Administration page prompts for user and pass. Closing since this is an ancient bug. ** Changed in: cupsys (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/187341 Title: default ssl certificate is invalid To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/187341/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
I am getting this issue with my ipmonitor server as well, it self signs the certificate itself, but not my PABX (switchvox) and as far as i know its signing by itself too. -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
It would be fine if the error is sec_error_untrusted_issuer for me, but I got sec_error_inadequate_key_usage for all the servers using self signed certs. Firefox 3 Beta 4 lets me add an exception, but Beta 5 just gives me a flat out error. I had to use a different browser just to use the sites I need to use. Unless there's a different way to generate self signed certs than what is documented already, I'd be stuck with this error. Your original post mentions sec_error_inadequate_key_usage, which is why I got here in the first place. I believe your issue is a different problem than what I got, just pointing out some information that I found after a frustrating search on the net. -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
Umm, that's not true. Self-signed certs can be be over-ridden. Furthermore, the error is "The certificate is not trusted because it is self signed. (Error code: sec_error_untrusted_issuer)" and not "Certificate key usage inadequate for attempted operation. (Error code: sec_error_inadequate_key_usage)" -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
As of Firefox 3 Beta 5, and possibly new updates to Firefox 2, all self- signed certs are considered invalid, and is done in such a way that you can never bypass them. I encountered this when I recently updated Hardy. I hope that the firefox developers are looking into this, as when I search around, this bug is everywhere. I'm facing the problem with my servers on the network that are self signed. Anyway, see: Bug 427081: Allow to override SEC_ERROR_INADEQUATE_KEY_USAGE https://bugzilla.mozilla.org/show_bug.cgi?id=427081 and the patch to resolve this: https://bugzilla.mozilla.org/attachment.cgi?id=313653&action=edit -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
Not sure. I believe it is missing one of the Certificate Key Usage attributes which firefox feels is required. The list of all certificate key usage values is here: http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html However, I'm not sure which usage values firefox wants. You can retrieve the details of a certificate from a server by doing: 'openssl s_client -showcerts -connect [host]:[port] | openssl x509 -text'. Looking at your examples, that would be 'openssl s_client -showcerts -connect localhost:8000 | openssl x509 -text' -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
Alex: specifically which attribute? I'm trying to troubleshoot a similar issue with a the self-signed cert in Sage ( http://sagemath.org ) generated by gnutls: http://trac.sagemath.org/sage_trac/ticket/1754 Perhaps Mozilla people could provide a document about how to make self- signed certs work with FF3 so that we can get our apps in shape. -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
No it's not. Firefox (correctly) gives the error "The certificate is not trusted because it is self signed." for a self-signed cert, and allows you to add an exception (the last as of beta 3) The problem is with one of the other attributes of the certificate which cupsys uses by default. ** Changed in: cupsys (Ubuntu) Sourcepackagename: firefox-3.0 => cupsys Status: Confirmed => New -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
I can reproduce this when trying to access an IBM Hardware Management Console (an appliance to manage POWER-based machines). Env.: Firefox 3 beta 3, up-to-date Hardy Haron. Looks like Firefox 3 isn't accepting self-signed certificates anymore - a workaround (button to add to exception list) would be welcome here. -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
This is a Firefox3 issue with self-signed certificates ** Changed in: firefox-3.0 (Ubuntu) Sourcepackagename: cupsys => firefox-3.0 Status: Incomplete => Confirmed -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
I am using firefox 3 on a hardy machine to connect to a cups server running dapper. The printer is a network printer. -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
Could you give more details as I'm not sure what you are trying. You are using firefox 3 (on a dapper machine?) to connect to a printer remotely? What machine is the printer connected to? ** Changed in: cupsys (Ubuntu) Status: New => Incomplete -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 187341] Re: default ssl certificate is invalid
Lame Workaround: In order to open a website that would give this error I downloaded the latest 2.* version from a binary (2.0.0.12 tar.gz), extracted and started Firefox 2.0.0.12. From there I was able to accept the certificate and open the website. The certificate was automatically transfer to the Beta 3.* version. Good luck! Fix this or find better workarounds! -- default ssl certificate is invalid https://bugs.launchpad.net/bugs/187341 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs