View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0001502Main CAcert Websiteweb of trustpublic2021-01-13 16:052024-01-04 02:58
Reporteralkas Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
PlatformDefaultOSanyOS Versionany
Product Version2015 Q3 
Summary0001502: Website CAcert.org should be more user friendly
DescriptionMany question for Support team concern few problems.
#1 - a common user is trying to get a client certificate e. g. for e-mail security. When s/he uses browsers like Firefox, Chrome, Edge, Safari etc,, s/he sees the following error message (roughly): No valid CSR received. Try another browser. The Wiki articles exist with solutions of just this. Will it be possible to add a link to the specific Wiki article?

The most frequent questions to Support:
. My browser is unable to create and submit CSR, (Wiki: https://wiki.cacert.org/HowTo/ClientCertCreate4)
- I am unable to renew my certificate (Wiki: https://wiki.cacert.org/FAQ/CertificateRenewal)
- My system reports the private key needed, where to find it (Wiki: https://wiki.cacert.org/FAQ/MissingPrivateKey)
- How to convert binary P10 formatted CSR to Base64 format (Wiki: https://wiki.cacert.org/HowTo/CertP10toBase64Coding)
- Digital signing of documents (e.g. Wiki: https://wiki.cacert.org/AdobeReader and more)
...and several other.
Steps To ReproduceTry to make a client cert via Firefox browser. Look at the error message. The Wiki articles solving this are https://wiki.cacert.org/FAQ/Keygen, and https://wiki.cacert.org/HowTo/ClientCertCreate4
Tagsbrowser, Wiki, WoT
Reviewed by
Test Instructions

Relationships

related to 0001551 needs review & testingTed Adjust interface on page for signing certificate to refer to the new CSR creation web app 

Activities

Golffies

2021-02-03 13:09

manager   ~0005956

Proposal for a quick but efficient fix.
It might look like that (consensus with Aleš and Dirk):

* change as least as possible the text of the UI, in order to avoid to change it in many langages at once

* make the checkbox "Show advanced options" checked by default (please see attached screenshot)

* add a default explanation text in the CSR input field (text box) where the CSR has to be pasted

* such a text might look like that:

  "Please pay attention that Certificate Signing Request is not optional anymore. It is mandatory to copy and paste a CSR into this box. The certificate generation won't work in case you do not provide a CSR. Please clear this text and paste your CSR here."

* ideally, such text should be in written grey, in the background of the CSR input field, then disapear by itself as soon as the user pastes a CSR or type any character in the input box.
Screen Shot 2021-02-03 at 13.58.14.png (100,719 bytes)   
Screen Shot 2021-02-03 at 13.58.14.png (100,719 bytes)   

NoSubstitute

2024-01-03 14:50

updater   ~0006199

@alkas - I think some of your wishes will be fulfilled when 1551 is re-implemented.
It was, briefly, but then the signer crashed and was restored using a backup which didn't have the new/current code.

The wiki also mentions this new, much easier method.
https://wiki.cacert.org/FAQ/Keygen

And, IIRC, it was you who created the even better wiki page with images on how to use the new method. :-)
https://wiki.cacert.org/TutorialsHowto/Generate-new-CSR

NoSubstitute

2024-01-04 02:58

updater   ~0006204

Correction, it was webdb1that crashed, not the signer.

Issue History

Date Modified Username Field Change
2021-01-13 16:05 alkas New Issue
2021-01-13 16:05 alkas Tag Attached: browser
2021-01-13 16:05 alkas Tag Attached: Wiki
2021-01-13 16:05 alkas Tag Attached: WoT
2021-02-03 13:09 Golffies Note Added: 0005956
2021-02-03 13:09 Golffies File Added: Screen Shot 2021-02-03 at 13.58.14.png
2024-01-03 14:44 NoSubstitute Relationship added related to 0001551
2024-01-03 14:50 NoSubstitute Note Added: 0006199
2024-01-04 02:58 NoSubstitute Note Added: 0006204