Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Ky sajt do të funksionojë me kufizime, teksa bëjmë mirëmbajtjen e tij për të përmirësuar punën tuaj. Nëse një artikull nuk e zgjidh problemin tuaj dhe dëshironi të bëni një pyetje, kemi bashkësinë tonë të asistencës, e gatshme për t’ju ndihmuar, te @FirefoxSupport në Twitter dhe/r/firefox në Reddit.

Avatar for Username

Kërkoni te Asistenca

Shmangni karremëzime gjoja asistence. S’do t’ju kërkojmë kurrë të bëni një thirrje apo të dërgoni tekst te një numër telefoni, apo të na jepni të dhëna personale. Ju lutemi, raportoni veprimtari të dyshimtë duke përdorur mundësinë “Raportoni Abuzim”.

Mësoni Më Tepër

Kjo rrjedhë është arkivuar. Ju lutemi, bëni një pyetje të re, nëse keni nevojë për ndihmë.

Certificate Based Authentication and SmartCard requirements

  • 1 përgjigje
  • 1 e ka hasur këtë problem
  • 1 parje
  • Përgjigjja më e re nga ygini

ygini
ygini
more options

Hello,

We are using Firefox on macOS to access web services that require Certificate Based Authentication. Our certificates are stored on YubiKeys PIV slots.

If we plug the token, open Firefox and access the website, it works just fine. The Certificate picker is shown and the OS ask for the PIV PIN to validate the access.

However, if we do the request when the token isn't plugged, Firefox does not ask for it, the website deny the authentication and the context is kept in cache. Requesting again the web site with the token added in between does not restart the certificate lookup and we are forced to close Firefox or move to a private window to make it works.

What is the proper way to avoid this issue? Is it a known bug? Is there a way to configure Firefox to always show the certificate picker even if no certificate are found and then reload the list of certificate based on connections events?

Thanks

Hello, We are using Firefox on macOS to access web services that require Certificate Based Authentication. Our certificates are stored on YubiKeys PIV slots. If we plug the token, open Firefox and access the website, it works just fine. The Certificate picker is shown and the OS ask for the PIV PIN to validate the access. However, if we do the request when the token isn't plugged, Firefox does not ask for it, the website deny the authentication and the context is kept in cache. Requesting again the web site with the token added in between does not restart the certificate lookup and we are forced to close Firefox or move to a private window to make it works. What is the proper way to avoid this issue? Is it a known bug? Is there a way to configure Firefox to always show the certificate picker even if no certificate are found and then reload the list of certificate based on connections events? Thanks

Krejt Përgjigjet (1)

ygini
ygini I zoti i pyetjes
more options

Hello

Thanks for your answer but we are running 91.5.1esr and this feature isn't linked to the issue we describe.

This feature is a long waited support that allow Firefox to works with native OS certificate store. Which mean the certificate picker that I talk in my post is finally able to see certificate distributed by enterprise policies. Which is great.

But the issue I describe isn't here.

The issue I describe is that Firefox doesn't show this certificate picker if it cannot find any suitable option.

Which does not let the opportunity for the user to connect a SmartCard.