Firefox hangs on DNS validation. #1

Chiuso
aperto 2018-08-23 22:54:21 +00:00 da josh · 8 commenti
Collaborator

Chrome is fine, but Firefox hangs on DNS domain validation Verifying Domains... (give us 5 seconds or so...)

Chrome is fine, but Firefox hangs on DNS domain validation `Verifying Domains... (give us 5 seconds or so...)`
Proprietario

Open up the JavaScript console and check the error message and let us know what that is please.

We’re not handling errors properly yet.

Open up the JavaScript console and check the error message and let us know what that is please. We’re not handling errors properly yet.
Collaborator

Confirmed, I see the same problem in Firefox. It could be one of my recent changes. I'll take a look.

Confirmed, I see the same problem in Firefox. It could be one of my recent changes. I'll take a look.
jshaver 2018-08-23 23:13:13 +00:00 auto-assegnato
Collaborator

It wasn't what I thought it was. It looks like this is the line throwing a DOMException:

return crypto.subtle.importKey(
          "jwk"
        , info.serverJwk
        , wcOpts
        , true
        , ["sign"]
).then(function (privateKey) {
	return window.crypto.subtle.exportKey("pkcs8", privateKey);
})

window.crypto.suble.exportKey is throwing "NotSupportedError: Operation is not supported".

Looks like there are a few bug reports already:

https://bugzilla.mozilla.org/buglist.cgi?quicksearch=export+pkcs8

It wasn't what I thought it was. It looks like this is the line throwing a DOMException: ```javascript return crypto.subtle.importKey( "jwk" , info.serverJwk , wcOpts , true , ["sign"] ).then(function (privateKey) { return window.crypto.subtle.exportKey("pkcs8", privateKey); }) ``` window.crypto.suble.exportKey is throwing "NotSupportedError: Operation is not supported". Looks like there are a few bug reports already: [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=export+pkcs8](https://bugzilla.mozilla.org/buglist.cgi?quicksearch=export+pkcs8)
Proprietario

I don’t think we actually need that method. I was just using it for debugging if I recall.

I don’t think we actually need that method. I was just using it for debugging if I recall.
Collaborator

Isn't it whats giving us PKCS #8 format for the private key? I'll see what it looks like without it.

Isn't it whats giving us PKCS #8 format for the private key? I'll see what it looks like without it.
Proprietario

I’d have to look and see. If it’s what I was using to then convert to a PEM, then yes.

There’s probably a pure JavaScript shim to convert from JWK to PEM, but that’s literally retarded if Firefox doesn’t support the oldest and most widely used format for key files...

I’d have to look and see. If it’s what I was using to then convert to a PEM, then yes. There’s probably a pure JavaScript shim to convert from JWK to PEM, but that’s literally retarded if Firefox doesn’t support the oldest and most widely used format for key files...
Autore
Collaborator

Accidentally played this dance again.

Accidentally played this dance again.
Collaborator

We did get this working in firefox, although not with ECDSA. Right now, if it fails to export an ECDSA key, it will fall back to RSA.

We did get this working in firefox, although not with ECDSA. Right now, if it fails to export an ECDSA key, it will fall back to RSA.
jshaver chiuso questo probleam 2018-11-27 00:40:10 +00:00
Effettua l'accesso per partecipare alla conversazione.
Nessuna etichetta
3 Partecipanti
Notifiche
Data di scadenza
Nessuna data di scadenza impostata.
Dipendenze

Nessuna dipendenza impostata.

Riferimento: coolaj86/greenlock.html#1
No description provided.