Uploaded image for project: 'Nuxeo Drive '
  1. Nuxeo Drive
  2. NXDRIVE-404

Handle custom SSL certificates

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.1223
    • Fix Version/s: 4.0.2
    • Component/s: Authentication, GUI, Security

      Description

      For now they are ignored except if the --consider-ssl-errors option is passed as a parameter through the commandline or the ~/.nuxeo-drive/config.ini file, see NXDRIVE-401 for Qt network manager and NXDRIVE-506 for startup page connexion with urllib2.

      Let's better handle this for instance by:

      • Creating a checkbox to allow/deny certs errors for each account. Something as "Allow no trusted server".
      • Showing clearly this kind of exceptions in app interface and let the user choose to:
        • Reject the untrusted certificate and not connect to the server.
        • Bypass the untrusted certificate and save it as an exception, like in browsers.

        Attachments

          Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. NXDRIVE-1490 Fix certificate handling

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          depends on

          Bug - A problem which impairs or prevents the functions of the product. NXDRIVE-401 Authentication web page is not loaded with HTTPS and a non trusted certificate authority

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. NXDRIVE-506 [SSL: CERTIFICATE_VERIFY_FAILED] while connecting through HTTPS under OS X

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. NXDRIVE-2472 Fix a security issue when retrieving a SSL certificate

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Question - A question that requires an answer NXDRIVE-1433 Add the ca-bundle option to allow setting a custom SSL certificate

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. NXDRIVE-933 Test self-signed and bad certificates

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 1 hour
                  2d 1h