cheungnj
commented
8 years ago If a customCert is imported with our extension and then the extension is uninstalled / disabled, should the customCert still be imported?
Open WilsonKathleen opened 8 years ago
cheungnj
commented
8 years ago If a customCert is imported with our extension and then the extension is uninstalled / disabled, should the customCert still be imported?
WilsonKathleen
commented
8 years ago No. If I disable a customCert that I imported (not builtin), it can be deleted -- it does not need to be shown as still imported.
WilsonKathleen
commented
8 years ago Oh! sorry, just realized the question was about uninstalling the add-on... I think that's a separate issue -- #27.
cheungnj
commented
8 years ago @mozkeeler When a custom cert is imported, it can successfully be deleted using the default Firefox cert manager and then this is reflected in our add-on. When trying to delete the cert using our add-on, the cert still appears in the default cert manager and our add-on. Would you happen to know why custom certs would not be deleted when calling deleteCertificate() on the nsIX509CertDB? The custom certificate is passed to the method and it is a nsIX509 cert.
mozkeeler
commented
8 years ago This may be a result of https://bugzilla.mozilla.org/show_bug.cgi?id=454782 (see also https://bugzilla.mozilla.org/show_bug.cgi?id=1267861 and https://bugzilla.mozilla.org/show_bug.cgi?id=435159 ). Does the certificate reappear even after restarting Firefox?
cheungnj
commented
8 years ago I just tested this with the new XPI and the certificate is deleted from both the old and new cert managers after deleteCertificate is called from the new cert manager and Firefox is restarted. https://bugzilla.mozilla.org/show_bug.cgi?id=1267861 appears to be the issue since the cert appears to only be lazily marked for deletion and not immediately deleted.
I think there should be a way to delete a non-built-in cert (a.k.a. customCert).
Example:
It would be great to have a way to delete a customCert such as this.