145819 – Websocket Invalid Certificate Error after accepting self signed certificate

Bug 145819 - Websocket Invalid Certificate Error after accepting self signed certificate

Summary: Websocket Invalid Certificate Error after accepting self signed certificate

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2015-06-09 15:10 PDT by Fabio Rojas
Modified:	2019-08-29 13:20 PDT (History)
CC List:	6 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Fabio Rojas 2015-06-09 15:10:21 PDT

Steps to Repro:
- Get WebContent from Site A
- Have webcontent retrieve webpage from site B 
- Site B uses a self signed cert
- User accepts self signed cert but does not add it to keychain
- Have web content try to communicate with site B using Websocket
- See the the following error in the logs:

[Error] WebSocket network error: OSStatus Error -9807: Invalid certificate chain  (index.html, line 0)

- At this point if the browser navigates to site B it displays that the certificate on site B is trusted because the user has accepted it for this session

Seen on Safari Version 8.0.6 (10600.6.3)

Note:
- This works on:
Chrome Version 43.0.2357.124 (64-bit)
Firefox Version 38.0.5
IE: 10, 11 and Edge

Comment 1 Fabio Rojas 2015-06-09 15:27:02 PDT

Workaround: Add the self signed certificate from site B to the keychain

Comment 2 Alexey Proskuryakov 2015-06-09 21:51:45 PDT

rdar://problem/9697244

Comment 3 Sanjay Kumar 2019-08-29 13:20:08 PDT

Is this being considered for implementation ?
Without Self signed certificate we can not connect IoT devices to mobile Safari. This is a huge problem.