[Bug 45324] New: OpenID consumer when authentication an https://OpenID: show a distinct verification error message in case of untrusted (e.g. self-signed) CA

[bugzilla-daemon]

https://bugzilla.wikimedia.org/show_bug.cgi?id=45324

       Web browser: ---
            Bug ID: 45324
           Summary: OpenID consumer when authentication an https://OpenID:
                    show a distinct verification error message in case of
                    untrusted (e.g. self-signed) CA
           Product: MediaWiki extensions
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: Unprioritized
         Component: OpenID
          Assignee: m...@tgries.de
          Reporter: m...@tgries.de
                CC: wikibugs-l@lists.wikimedia.org
    Classification: Unclassified
   Mobile Platform: ---

OpenID consumer when authentication an https://OpenID: show a distinct
verification error message in case of untrusted (e.g. self-signed) CA

Currently, you see only the general message "Verification error", even when the
consumer wiki knows that the CA is untrusted.

Inform the user that the verification failed because the OpenID server uses an
untrusted (e.g. self-signed) certificate.


Additional improvements:

+ allow to show the server certificate fingerprints (sha-256, sha-1, md5) (must
have)
+ allow to overwrite the single CA error(warning) and accept even an untrusted
OpenID on extra user action. (nice to have for testing)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are watching all bug changes.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l