coolaj86
/
greenlock.html
2
2
Fork 0
Code Issues 5 Pull Requests Releases Wiki Activity
Labels Milestones
New Issue

Firefox hangs on DNS validation. #1

Closed
opened 6 years ago by josh · 8 comments
josh commented 6 years ago
Collaborator

Chrome is fine, but Firefox hangs on DNS domain validation Verifying Domains... (give us 5 seconds or so...)

Chrome is fine, but Firefox hangs on DNS domain validation `Verifying Domains... (give us 5 seconds or so...)`
coolaj86 commented 6 years ago
Owner

Open up the JavaScript console and check the error message and let us know what that is please.

We’re not handling errors properly yet.

Open up the JavaScript console and check the error message and let us know what that is please. We’re not handling errors properly yet.
jshaver commented 6 years ago
Collaborator

Confirmed, I see the same problem in Firefox. It could be one of my recent changes. I'll take a look.

Confirmed, I see the same problem in Firefox. It could be one of my recent changes. I'll take a look.
jshaver self-assigned this 6 years ago
jshaver commented 6 years ago
Collaborator

It wasn't what I thought it was. It looks like this is the line throwing a DOMException:

return crypto.subtle.importKey(
          "jwk"
        , info.serverJwk
        , wcOpts
        , true
        , ["sign"]
).then(function (privateKey) {
	return window.crypto.subtle.exportKey("pkcs8", privateKey);
})

window.crypto.suble.exportKey is throwing "NotSupportedError: Operation is not supported".

Looks like there are a few bug reports already:

https://bugzilla.mozilla.org/buglist.cgi?quicksearch=export+pkcs8

It wasn't what I thought it was. It looks like this is the line throwing a DOMException: ```javascript return crypto.subtle.importKey( "jwk" , info.serverJwk , wcOpts , true , ["sign"] ).then(function (privateKey) { return window.crypto.subtle.exportKey("pkcs8", privateKey); }) ``` window.crypto.suble.exportKey is throwing "NotSupportedError: Operation is not supported". Looks like there are a few bug reports already: [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=export+pkcs8](https://bugzilla.mozilla.org/buglist.cgi?quicksearch=export+pkcs8)
coolaj86 commented 6 years ago
Owner

I don’t think we actually need that method. I was just using it for debugging if I recall.

I don’t think we actually need that method. I was just using it for debugging if I recall.
jshaver commented 6 years ago
Collaborator

Isn't it whats giving us PKCS #8 format for the private key? I'll see what it looks like without it.

Isn't it whats giving us PKCS #8 format for the private key? I'll see what it looks like without it.
coolaj86 commented 6 years ago
Owner

I’d have to look and see. If it’s what I was using to then convert to a PEM, then yes.

There’s probably a pure JavaScript shim to convert from JWK to PEM, but that’s literally retarded if Firefox doesn’t support the oldest and most widely used format for key files...

I’d have to look and see. If it’s what I was using to then convert to a PEM, then yes. There’s probably a pure JavaScript shim to convert from JWK to PEM, but that’s literally retarded if Firefox doesn’t support the oldest and most widely used format for key files...
josh commented 6 years ago
Poster
Collaborator

Accidentally played this dance again.

Accidentally played this dance again.
jshaver commented 5 years ago
Collaborator

We did get this working in firefox, although not with ECDSA. Right now, if it fails to export an ECDSA key, it will fall back to RSA.

We did get this working in firefox, although not with ECDSA. Right now, if it fails to export an ECDSA key, it will fall back to RSA.
jshaver closed this issue 5 years ago
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
live-site
master
v1
v2
Labels
Apply labels
Clear labels
No items
No Label
Milestone
Set milestone
Clear milestone
No items
No Milestone
Assignees
Assign users
Clear assignees
No Assignees
jshaver
jshaver
jshaver
jshaver
3 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch '%!s(MISSING)'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes