[tbb-bugs] #13353 [Tor Browser]: TBB 3.6.6 won't import certificate

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jan 9 09:01:55 UTC 2015


#13353: TBB 3.6.6 won't import certificate
-----------------------------+----------------------
     Reporter:  ZcbCkyj5     |      Owner:  tbb-team
         Type:  defect       |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+----------------------

Comment (by ln5):

 Replying to [comment:9 gk]:
 > Replying to [comment:7 lucha]:
 > > Replying to [comment:6 gk]:
 > > > Resolved #13539 as duplicate. Do you by chance forget to leave
 Private Browsing Mode befoe trying to import the certificate?
 > >
 > > By "leave Private Browsing Mode" do you mean deselecting the option
 "Don't record browsing history or website data (enables Private Browsing
 Mode)" from the tor button Prefences panel? Because I can't find anything
 else I should disable.
 > >
 > > If that is what you are referring to, then no, it does not allow to
 import new certificates even with that option disabled.
 >
 > You have to restart your Tor Browser for this to take effect. So, this
 works for me:
 > 1) Click on the Torbutton onion -> Preferences... -> Privacy and
 Security Settings [Assuming you are using an alpha/nightly build]
 > 2) Uncheck "Don't record browsing history or website data (enables
 Private Browsing Mode)"
 > 3) Click on OK
 > 4) Restart Tor Browser
 > 5) Import a certificate (I tested that with a root CA)
 >
 > lucha, ln5: Does that work for you?

 It does. I didn't understand this. Thank you for your thorough
 clarification.

 For readers who like me are undereducated on the subject of "private
 browsing mode" I'll mention that testing indicates that the mode of the
 browser (private vs. non-private) selects between two sets of
 certificates. This means that in order to keep using certs imported in
 non-private mode one has to keep running the browser in non-private mode.


 > If so, that is the currently expected and #12998 + #13366 made this
 happen. If you think this behavior is wrong and you want to argue for
 treating the import of certificates differently (i.e. allowing to import
 certificates (and thus leaving traces on disc) while being in Private
 Browsing Mode) then this should be a new bug ticket.

 Agreed.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13353#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list