Opened 11 years ago

Last modified 10 years ago

#4625 new defect

Certificate installation required for Internet access on SA networks

Reported by: JerryV Owned by:
Priority: High Milestone: Unspecified
Component: Browse Version: Unspecified
Severity: Unspecified Keywords: AU1B, AU
Cc: Distribution/OS: Unspecified
Bug Status: Unconfirmed


F14 - 11.3.1 background information Now 13.2's Browse doesn't prompt to install the self-signed certificate, this requires manual intervention before internet access is available. Where should we install the certificate to?

Change History (6)

comment:1 Changed 11 years ago by godiard

  • Priority changed from Unspecified by Maintainer to High

comment:2 Changed 11 years ago by godiard

  • Component changed from Sugar to Browse

comment:3 Changed 11 years ago by godiard

I need more information about this issue.

The certificate is needed by the proxy or by the connection?

Also, I have downloaded, but that use /usr/bin/security
and looking at google, looks like a apple tool.

What happen if the certificate is not installed? Web navigation is not possible?

comment:4 Changed 11 years ago by quozl

The background information is unavailable, yields "403". I don't understand the problem description in #4625. I speculate that a customer network requires installation of a certificate in web browsers. Unless the cause of the change can be deduced from regression analysis on Browse sources, the next best thing is to capture the communication between Browse and the network on 11.3.1 in order to replicate it on 13.2.

comment:5 Changed 10 years ago by godiard

Add here a conversation with Matthew:

I think we need look at this as a opportunity to fix Browse properly.

While creating a Firefox activity can be a workaround,
after that, you will find 100 problems.
Sugarized applications are never perfectly integrated.

We need understand what is doing Firefox different:

  • Show to the user a dialog and add the user name/password to a database?
  • Store a certificate?
  • Where?
  • There are a file cert8.db?
  • Can we get a certificate file?

In the directory /home/olpc/Browse.activity/ we have a file cert8.db, and in theory Browse is using it.
I have tried use certutil to install a certificate, like [1]
using the file SAEDURootCA.cer from
but tell me "The certificate database is in an old, unsupported format"

Now, that file can be old or broken, because when I do (in my desktop):

certutil -d /home/gonzalo/.mozilla/firefox/gbfnonsw.default -L

I can see a list of installed certificates, but if I do the same in the Browse directory get:

certutil -d /home/gonzalo/Activities/Browse.activity -L
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.

Is possible try copy the firefox cert8.db file to the Browse.activity directory and see if that solves the problem?

If that work, we need see if we can install the needed certificates using certutil or something else.

As you can see, more questions than replies, but I hope this help.



comment:6 Changed 10 years ago by mmack

  • Keywords AU added
Note: See TracTickets for help on using tickets.