replayio / gecko-dev

Record Replay gecko based browser source
https://replay.io

Improve certificate import experience #868

Open ceceliacreates opened 2 years ago

ceceliacreates commented 2 years ago

Some users experience issues with Replay due to a lack of SSL/root certificates (my understanding in this area isn't great so my terminology may be off) in the Replay browser. This occurs in a VPN or secure work environment. One suggestion was to automatically use the root certificate from the existing browser data on the machine, or to improve the prompts to import certificates from other browsers.

gideonred commented 2 years ago

I remember helping at least one customer in this area.

The issue is that users create self-signed/custom certificates with their own unofficial CAs. Our browser then needs to be made aware of these CAs. At the moment we do what Firefox does, which is to ignore any unofficial CAs and only use a trusted authority for CAs.

It would be interesting to see if Firefox imports unofficial CAs from Chrome when a user chooses to migrate.

gideonred commented 2 years ago

A VPN itself should not be a cause of any issues. I recall a user did initially report an issue with VPN, but I believe the root cause was because of the use of unofficial CAs.

ceceliacreates commented 2 years ago

Yeah, I may not be describing it correctly. They mentioned being on a VPN, but I agree the main issue is the certificates. The customer suggested that there was already a root certificate installed on the existing Firefox browser, and that either importing those certificates or using the existing file could be a solution. I'm sure Lenz could provide more details on what his workaround and fix were if that's helpful in determining a better experience.

gideonred commented 2 years ago

This ticket has been moved to RUN-298