MozillaZine

Mozilla Crypto Released for Windows, Linux!

Thursday March 9th, 2000

The first crypto-enabled builds of Mozilla have come online. Currently there are Windows and Linux builds available - a Mac version will be available soon. Enabled in these initial builds are SSL, the Security Advisor, and IMAPS. Signed mail and encrypted mail are not yet implemented.

To try out the PSM (Personal Security Manager), first you need to grab a special version of M14. There are Talkback and no-Talkback versions available for Windows, and Talkback and no-Talkback versions available for Linux. After you have installed this build, run Mozilla and browse to the PSM page at iPlanet. You can get details on the release, as well as any special instructions you may need (and instructions for Linux if you are building the M14 build from scratch). Scroll down the page, and you will see buttons to install the PSM version for your system. Clicking the button will start up the XPI installation routine, and the PSM will be downloaded and installed. After installation, close Mozilla and reopen to use the PSM. You should be able to visit secure websites now, and view the Security Advisor (available from the Tasks menu).

The source code for the PSM has not yet been released. We will let you know when it is.


#1 If you get an installation error -227 on Linux

by frankhecker <hecker@hecker.org>

Thursday March 9th, 2000 9:43 AM

Reply to this message

Just a bit of info in case this happens to anyone else:

I always install Mozilla on Linux as root and then run it under my own userid. When trying to install Netscape PSM (using the "Install PSM for Linux" button on the iPlanet PSM page) the installation failed with an error -227, because it couldn't write to the Mozilla directory.

The fix is simple: just make sure you have write permission to the directory containing the Mozilla binary; the install creates a new subdirectory "psm" in the Mozilla directory.

#2 What about -225?

by gerbilpower <gerbil@ucdavis.edu>

Thursday March 9th, 2000 9:53 AM

Reply to this message

I'm on a Windoze machine that it gives me a -225 error? It does create the PSM directory and all that.

<:3)~~

#6 Re: What about -225?

by cbegle

Thursday March 9th, 2000 10:16 AM

Reply to this message

According to <http://lxr.mozilla.org/se…xpinstall/src/nsInstall.h>, that is an extraction error. Hmm. Were you able to open the security manager and go to secure sites after installing?

#13 Re: Re: What about -225?

by gerbilpower <gerbil@ucdavis.edu>

Thursday March 9th, 2000 2:52 PM

Reply to this message

Nope, it didn't work. When I tried to visit a secure site it wanted to locate psm.exe which did not exist at all.

<:3)~~

#3 Will this work with the nightlies?

by luge

Thursday March 9th, 2000 10:04 AM

Reply to this message

The XPInstall seems to work fine (cool trick, BTW) but when I shut down my nightly and restart (today's nightly, of course) I still get an "https is not a registered protocol" error. Any tips or do I really need to stop using nightlies? ~luge

#4 Does not work with nightlies yet... (n/t)

by mozineAdmin

Thursday March 9th, 2000 10:08 AM

Reply to this message

#5 Any word on when?(n/t)

by luge

Thursday March 9th, 2000 10:14 AM

Reply to this message

(n/t)

#17 Re: Any word on when?(n/t)

by pavlov <pavlov@netscape.com>

Thursday March 9th, 2000 4:54 PM

Reply to this message

I have a carpool scheduled to land this stuff as soon as Netscape branches for beta (should happen in a few days).

#20 Awesome!

by luge

Thursday March 9th, 2000 11:47 PM

Reply to this message

Good to hear. Thanks for all the good work, guys...

#7 Nice, still can't log in to my bank though

by Kovu <Kovu401@netscape.net>

Thursday March 9th, 2000 11:02 AM

Reply to this message

Well it can go to https sites now, but at least with my bank you can't log into your account. But then for all I know the bank may only accept certain browsers, too. All I get is a blank screen though after I log into my account.

#18 Re: Nice, still can't log in to my bank though

by wwrafter

Thursday March 9th, 2000 5:15 PM

Reply to this message

I had a similar problem when Moz was having problems with xhtml header stuff. That's not to say your bank is putting out xhtml, but you may want to do a "View Source" to see if you're getting anything back at all. I was getting my whole page, but Moz was just not rendering it properly.

#8 Problems with https and proxies

by tquan

Thursday March 9th, 2000 11:16 AM

Reply to this message

There may be some problems using https with proxy servers. For example, if you set up an http proxy, the Tasks->Security Advisor may not work (Mozilla is currently sending the request for this through your proxy, even though it's a file on your local system, and not all proxy servers are smart enough to understand requests to localhost). I noticed in Bugzilla there's already a bug for this. Also, there's no UI for setting the https proxy, so if a https proxy is required for you, you may not be able to view https pages at all. It didn't work for me, even if I set the http (no s) proxy to the right value for both http and https.

#9 testing security and known issues

by cbegle

Thursday March 9th, 2000 11:20 AM

Reply to this message

If you're checking out this build, here are a few things you can try: <http://www.mozilla.org/qu…y/security/smoketest.html> (Suggestions for that document are welcomed.)

Please check out the known issues list before filing bugs: <http://bugzilla.mozilla.o…ue0-0-0=&cmdtype=doit>

Thanks to everyone from #mozillazine who helped test the installer!

#10 Problems with https and proxies

by tquan

Thursday March 9th, 2000 11:21 AM

Reply to this message

There may be some problems using https with proxy servers. For example, if you set up an http proxy, the Tasks->Security Advisor may not work (Mozilla is currently sending the request for this through your proxy, even though it's a file on your local system, and not all proxy servers are smart enough to understand requests to localhost). I noticed in Bugzilla there's already a bug for this. Also, there's no UI for setting the https proxy, so if a https proxy is required for you, you may not be able to view https pages at all. It didn't work for me, even if I set the http (no s) proxy to the right value for both http and https.

#16 Re: Problems with https and proxies

by sjlee <sjlee@netscape.com>

Thursday March 9th, 2000 4:27 PM

Reply to this message

There can be two problems with proxy: (1) using PSM UI when a (regular) proxy is set up, and (2) making secure proxy work. A special care is needed in both cases by the "PSM client" (meaning mozilla in this case). Addressing these problems is straightforward under the current PSM architecture, and I hope they will be made to work in the near future (this primarily belongs in mozilla developers' plate).

#22 Workaround to see PSM Manager

by benb <mozilla@bucksch.org>

Friday March 10th, 2000 11:55 AM

Reply to this message

Just add 127.0.0.1 (if that doesn't work, try "localhost" and your hostname) to the no-proxy domains. It's bug #31164 <http://bugzilla.mozilla.org/show_bug.cgi?id=31164> .

#23 Workaround to see PSM Manager

by benb <mozilla@bucksch.org>

Friday March 10th, 2000 11:57 AM

Reply to this message

Just add 127.0.0.1 (if that doesn't work, try "localhost" and your hostname) to the no-proxy domains. It's bug #31164 <http://bugzilla.mozilla.org/show_bug.cgi?id=31164> . The https proxy is bug #31174 <http://bugzilla.mozilla.org/show_bug.cgi?id=31174> .

#11 What about openSSL?

by YAH00

Thursday March 9th, 2000 12:22 PM

Reply to this message

Can openSSL be used instead of the binary modules from iPlanet?

#12 What about openSSL?

by YAH00

Thursday March 9th, 2000 12:26 PM

Reply to this message

Can openSSL be used instead of the binary modules from iPlanet?

#14 Works beautifully

by bink

Thursday March 9th, 2000 3:20 PM

Reply to this message

Finally I can use Mozilla as my browser all the time. Starting with the 3rd of March it's been stable enough on my Win2k machine to use as my default browser, but now I don't have to use IE for online banking or ESPN's site. Stability and speed are close to where they need to be, and finally crytpo. Things are starting to look really good.

#15 YES! 100% browsing in Mozilla!

by sremick

Thursday March 9th, 2000 3:28 PM

Reply to this message

This is soooo awesome. I can now move to doing 100% of my browsing in Mozilla! The ONLY reason I was kicking up Communicator 4.72 was to access SSL sites (and to occasionally compare output differences for the sake of bug hunting). Now that I can access secure sites from Mozilla, I can stay within it for all my daily browsing needs!

Don't suppose anyone knows how to disable the messages that pop up every time you enter or leave a secure document...

#21 Re: YES! 100% browsing in Mozilla!

by PeS

Friday March 10th, 2000 3:13 AM

Reply to this message

To disable such alerts click on the lock in the righ-down cornen. The personal security manager will open, then in the applications part in navigator are some checkboxes for this. I disabled all alerts and it works fine :-)

#24 Thanks!

by sremick

Friday March 10th, 2000 11:57 AM

Reply to this message

I saw the lock, but I didn't realize that it was clickable :). Duh... mucho cool, thanks!

#19 All I need now is Java, then I can kill 4.x (n/t)

by Hendy99 <gbhendy1@bigpond.net.au>

Thursday March 9th, 2000 5:38 PM

Reply to this message

.

#25 Re: All I need now is Java, then I can kill 4.x (n

by NikoP

Saturday March 11th, 2000 7:21 AM

Reply to this message

Yes, and a Flash 4-Plugin by Macromedia!

#26 Re: Re: All I need now is Java, then I can kill 4.

by Hendy99 <gbhendy1@bigpond.net.au>

Saturday March 11th, 2000 7:23 AM

Reply to this message

I can live without Flash :)

#27 Tying ourselves to iPlanet

by orasis <justin@cyrus.net>

Monday March 13th, 2000 9:07 AM

Reply to this message

I hope I'm not the only one, but I am sort of concerned the the Sun-Netscape alliance is going to start throwing in a bunch of crap that will definately be to their benefit, but who says we want it? Who does the PKI stuff benefit? Why do I want it bloating the core download? Where are the requirements and specs for these things?

#29 Re: Tying ourselves to iPlanet

by dveditz

Monday March 13th, 2000 9:34 PM

Reply to this message

PSM is a new rev of the code that has always been in Netscape browsers (Netscape invented SSL). It's not some new Sun/iPlanet thing.

If you don't want SSL, don't download it.

#28 PSM processor usage??

by PeS

Monday March 13th, 2000 12:59 PM

Reply to this message

Any info, why the psm need all processor time eventhough the page is already loaded? All works fine, but the usage isn't nice for me. When I press stop buton, usage goes down. Why?? (Linux, M14 - Talkback)