Bug 145819

Summary: Websocket Invalid Certificate Error after accepting self signed certificate
Product: WebKit Reporter: Fabio Rojas <frojas>
Component: WebCore Misc.Assignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: ap, bfulgham, dbates, felix, hypertree, wilander
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   

Description Fabio Rojas 2015-06-09 15:10:21 PDT 
Steps to Repro:
- Get WebContent from Site A
- Have webcontent retrieve webpage from site B 
- Site B uses a self signed cert
- User accepts self signed cert but does not add it to keychain
- Have web content try to communicate with site B using Websocket
- See the the following error in the logs:

[Error] WebSocket network error: OSStatus Error -9807: Invalid certificate chain  (index.html, line 0)

- At this point if the browser navigates to site B it displays that the certificate on site B is trusted because the user has accepted it for this session

Seen on Safari Version 8.0.6 (10600.6.3)

Note:
- This works on:
Chrome Version 43.0.2357.124 (64-bit)
Firefox Version 38.0.5
IE: 10, 11 and Edge
Comment 1 Fabio Rojas 2015-06-09 15:27:02 PDT 
Workaround: Add the self signed certificate from site B to the keychain
Comment 2 Alexey Proskuryakov 2015-06-09 21:51:45 PDT 
rdar://problem/9697244
Comment 3 Sanjay Kumar 2019-08-29 13:20:08 PDT 
Is this being considered for implementation ?
Without Self signed certificate we can not connect IoT devices to mobile Safari. This is a huge problem.