为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Trying to sign a page with an expired certificate, FF 20 allows me to select it and then shows the "401-Access is denied" message. How can I fix it?

  • 2 个回答
  • 7 人有此问题
  • 2 次查看
  • 最后回复者为 hecferme

more options

I am trying to sign an aspx page using an expired client certificate; when ff reads it, it says it is expired, but allows me to choose it as my credentials and tries to sign the page, failing with a 401 error, instead of showing me the sec_error_expired_certificate error that it is supposed to catch. In IE 10 the expired certificate is not even shown at all. The URL with an image of the expired certificate details that ff shows is https://docs.google.com/drawings/d/1lT9eaRWKKwRWz-N0KycJ9GZY0kh_vc6QJ96L-1mHT1U/edit?usp=sharing

The problem is that this exception is not redirecting to my aspx code, so I cannot catch the error. How can I fix this problem, advertising the user in a friendly way that the certificate is really expired?

Thanks a lot Hector

I am trying to sign an aspx page using an expired client certificate; when ff reads it, it says it is expired, but allows me to choose it as my credentials and tries to sign the page, failing with a 401 error, instead of showing me the sec_error_expired_certificate error that it is supposed to catch. In IE 10 the expired certificate is not even shown at all. The URL with an image of the expired certificate details that ff shows is https://docs.google.com/drawings/d/1lT9eaRWKKwRWz-N0KycJ9GZY0kh_vc6QJ96L-1mHT1U/edit?usp=sharing The problem is that this exception is not redirecting to my aspx code, so I cannot catch the error. How can I fix this problem, advertising the user in a friendly way that the certificate is really expired? Thanks a lot Hector

所有回复 (2)

more options

Hello, Can you please confirm the following

1. You are setting up an expired certificate as the host certificate for your host (or) are you trying to sign an ASPX file with an expired certificate? 2. The webserver where you are hosting this ASPX (IIS I presume), has only certificate based authentication enabled - is that right? 3. You are seeing that when the user opens the website they are prompted that the certificate has expired, and even if they chose to move forward, they are not able to - is that the issue? 4. If (3) is not the issue and you want to be able to get access to the certificate-expiration error as part of the ASPX code, then that wouldn't be possible because the certificate validation would happen as part of the TLS connection negotiation

If you can please provide some more details, it will help.

Thank you

more options

hello, gnittala.

thanks for replying.

these are the answers for your questions.


1. we are not using an expired certificate as the host certificate. we are trying to access an aspx file configured in iis with request client certificate. the host certificate is ok (not expired).

2. no. it has just windows authentication. The client certificate is requested for a page that needs it for ssl.

3. no. the certificate appears expired in the firefox certificate dialog, but it lets me keep that certificate selected and continue. then, ff reports the access denied error.

4. we thought we could display a customized error in our code; however, according to your assertion, it is impossible.

thanks a lot.