View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000889||CATS.cacert.org||User Interface||public||2010-11-11 23:16||2011-07-27 21:19|
|Fixed in Version||production|
|Summary||0000889: Login with Client Certs class3 doesn't work - login with Client Cert Class1 works|
|Description||there are many reports from users trying to login to cats.cacert.org|
login failed ...
all failed logins are users with a valid class3 client cert
create a new client cert as class1 login works like a charme
|Tags||No tags attached.|
irc:cacert log 2010-11-11
(23:10:32) kotek: hi Tennel
(23:11:08) Tennel: hello, i get "login failed" if i try to use the automated training system.
(23:15:27) kotek: strange, it works fine for me
(23:17:38) Tennel: yes, i had tried it again, after removing the config files of my browser but it didn't work.
(23:17:58) Tennel: which browser do you use?
(23:28:21) kotek: Opera
(23:28:37) kotek: it works fine
(23:29:38) Tennel: with chromium i can't create a client cert, an firefox throws this error, i will try opera
(23:31:57) kotek: 68% :<
(23:32:54) Tennel: ?
(23:34:05) kotek: my result of cats
(23:34:24) Tennel: ok
(23:34:41) Tennel: i'm afk for a while
(23:34:43) kotek: need to learn more about cacert
(23:56:35) Tennel: ok, i had tried firefox, chromium and opera. ff and chromium under win/lin and opera under win, nothing works
(23:56:42) Tennel: need help
(12.11.2010 00:00:08) kotek: have you checked if u have correctle installed your certificate and it is not expired?
(00:00:28) Tennel: yes, i created a new one
(00:00:55) Tennel: an my browser asks for it if i open the page
(00:01:52) kotek: can u log in with this certificate at cacert.org?
(00:02:13) Tennel: yes
(00:03:09) kotek: mhmm... what have u done?! :<
(00:05:08) Tennel: i had created a new client cert, had loged in, had clicked on the link at the sidebar, an then i had clicked the login button at the ATS site
(00:05:13) Tennel: nothing special
(00:05:37) Tennel: but it didn't work on every setup i have
(00:05:48) kotek: and what message has been displayed? can u send screenshot?
(00:07:57) Tennel: no, but i can describe it, under the button "login" is displayed "Login failed", thats all.
(00:08:09) Tennel: no explicit error messages
(00:08:21) kotek: this is error caused only by this certificate?
(00:08:33) kotek: when it was generated?
(00:08:46) Tennel: 30 minutes ago
(00:09:14) Tennel: all certs, i created 3 different certs
(00:09:23) kotek: maybe ATS and cacert db aren't synced yet
(00:09:38) Tennel: that could be
(00:09:59) u60: aeh ... you mean CATS site ?
(00:10:07) Tennel: yep
(00:10:15) u60: client cert is class3 cert ?
(00:10:21) Tennel: yes
(00:10:42) u60: there are known probs reported with client certs issued as class3 ....
(00:10:56) u60: plz issue a class1 client cert and try again
(00:11:15) Tennel: ok, i create another one and report
(00:14:48) Tennel: ok, thx it works
(00:15:25) Tennel: where can i put a bug report?
2011-04-02 (JC) https://cats.cacert.org gluck gehabt? Ich kann mich verbinden mit meiner Zertifikat, eine Sprache auswaehlen (EN/DE), aber immer mit "Login", ich bekomme die Fehlermeldung "Loginvorgang fehlgeschlagen". Es scheint zu mir alle Roots sind richtig importiert worden...
Anmelden bei CACert mit meine Zertifikat funktioniert. Ich hab's schon WinXP, Win7, FireFox 4, IE 9 probiert, ohne erfolg.
||I guess I now know the problem... And Class 1 certificates won't work anymore either, so I'll raise the priority!|
Taken from Ticket s20110403.66
I wanted to do the CATS test but can't login.
Error message is "Login failed" (see Screenshot attached).
I have generated the client certificate and installed it in my browser.
I CAN login at the CACert site with my client cert (without password).
I can also login at the blog and the wiki with my client cert.
I have tried different variations of the client cert:
- Class 1, Class 3
- No Name, Include 'Ludwig Weinzierl'
- Single Sign On ID, Add Single Sign On ID Information
I have tried it with Firefox and Chrome on OSX Snow Leopard, and Firefox
3.6.16 and Chromium 10.0.648.133 (77742) on Ubuntu 10.10.
A friend has exactly the same problem with Safari and Firefox an OSX
I sat down with the person who set up the CA for our company and we
tried it with IE 7 and Firefox 3.6. Three people have tried on four
different machines with 9 (!) different browser versions - to no avail.
I'm now 100% percent sure cats.cacert.org is broken.
Maybe it's not broken for everyone, maybe it's a language bug or
something, but its definitely broken for a lot of people.
If I can be of any help to pin this problem down please contact me.
||Just patched the production system, the bug should be fixed now (svn revision 2203), I'm waiting for confirmation by someone affected.|
||Several users confirmed they can now log in.|
|2010-11-11 23:16||Uli60||New Issue|
|2010-11-11 23:19||Uli60||Note Added: 0001780|
|2011-04-03 20:20||Ted||Status||new => needs work|
|2011-04-03 20:20||Ted||Assigned To||=> Ted|
|2011-04-04 01:12||Uli60||Note Added: 0001902|
|2011-04-05 13:17||Ted||Note Added: 0001903|
|2011-04-05 13:17||Ted||Priority||normal => urgent|
|2011-04-05 14:42||INOPIAE||Note Added: 0001904|
|2011-04-05 18:44||Ted||Note Added: 0001905|
|2011-04-05 21:54||Ted||Note Added: 0001906|
|2011-04-05 21:54||Ted||Status||needs work => solved?|
|2011-04-05 21:54||Ted||Fixed in Version||=> production|
|2011-04-05 21:54||Ted||Resolution||open => fixed|
|2011-07-18 07:30||Ted||Relationship added||has duplicate 0000808|
|2011-07-27 21:19||Ted||Status||solved? => closed|