Red Hat Bugzilla – Bug 427630
Invalid certificates make websites inaccessible to epiphany
Last modified: 2008-07-18 09:48:47 EDT
Description of problem:
After upgrading to epiphany-2.21.5-0.1.svn7844.fc9, popular secured
websites have become inaccessible because of invalid certificates.
Examples for affected pages/sites are:
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Upgrade to the latest epiphany browser built against XULRunner.
2. Launch epiphany and point it to
A page load error occurs claiming that a "Secure Connection Failed".
As a workaround, one is invited to add an exception for this webpage
in "Advanced Encryption Settings" which may be implemented for the
FF3 frontend but not for epiphany. This means, that currently,
there is no possibility to override this error message making the
page effectively unaccessible.
When there is no valid certificate, there might be a warning giving
the user the choice to either reject the certificate or accept the
certificate temporarily or even permanently.
For previous versions of epiphany built against FF2, it was possible
to override the certificate alert.
Created attachment 290891 [details]
Screenshot of invalid certificate notification suggesting to add an exception
Sorry for the poorly chosen 2nd example. I had copied the URL from a posting
to the Fedora development list. Using
the screenshots section becomes actually accessible. However, it still
serves as an example, and in the case of the fdo bugzilla, the complaint
is about a self-signed certificate which is less obvious to deal with.
Not sure if this might help solve the problem, but I noticed that I can set the
exeptions via Certificates extension. However, would be good to have it
accessible from the error page itself (like is done in firefox 3).
Ah, this actually works. I wonder whether epiphany should then depend
on epiphany-extensions. This requirement may however become obsolete
soon as GNOME is about to switch to the WebKit backend.
I have epiphany-220.127.116.11-1.fc9.ppc installed and this version allows me to set
up exceptions for invalid SSL certificates, just like Firefox does.
I do not have Firefox nor any epiphany extensions installed. This functionality
now seems to be in the base epiphany package.
For me, this bug is fixed.
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:
I can totally reproduce this bug in epiphany-18.104.22.168-1.fc9.x86_64.
That particular bug (not having a button to add an exception) should be fixed
already. I filed bug 444433 about the button not bringing along the URL of the
place into the dialogue.
Right, it's possible to add exceptions by simply following the
instructions when encountering a page with an invalid certificate.
Closing the bug as CURRENTRELEASE.
*** Bug 444433 has been marked as a duplicate of this bug. ***