Bug 138216

Summary: When a client certificate is rejected, Safari says the website didn’t accept the certificate “unknown” instead of naming the certificate
Product: WebKit Reporter: mitz
Component: WebKit2Assignee: mitz
Status: RESOLVED FIXED    
Severity: Normal CC: ap
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Include NSErrorClientCertificateChainKey when encoding error user info ap: review+

Description mitz 2014-10-30 11:35:44 PDT
When trying to authenticate to a website using a client certificate, if the server rejects the certificate, Safari shows an error sheet saying “The website “…” did not accept the certificate “unknown””. Instead of “unknown” it is supposed to name the certificate that was used. It’s not working because the error object is missing the NSErrorClientCertificateChainKey key in its userInfo dictionary.

Patch forthcoming.
Comment 1 mitz 2014-10-30 11:38:24 PDT
Created attachment 240684 [details]
Include NSErrorClientCertificateChainKey when encoding error user info
Comment 2 Alexey Proskuryakov 2014-10-30 11:44:17 PDT
Comment on attachment 240684 [details]
Include NSErrorClientCertificateChainKey when encoding error user info

View in context: https://bugs.webkit.org/attachment.cgi?id=240684&action=review

> Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm:203
> +        ASSERT(^{

Fun times.
Comment 3 mitz 2014-10-30 11:49:01 PDT
Fixed in <http://trac.webkit.org/r175374>.