Friday, 21 September 2007

Internet Explorer wins?

I never thought I'd discover any feature of Internet Explorer that kicks Firefox's butt, but then today happened. Just configuring an internet-facing Apache HTTP server for a service that requires client SSL certificates. Not ever having done this before, I was impressed at how simple it actually was to do: Configure Apache to see the CA cert, whip up some client certs and then instruct the server to demand a client cert with the "SSLVerifyClient require" directive. Easy.

Then to test I bring up the site in IE6 and I get a nice dialog box telling me that site is demanding a cert and brings up the certificate picker:


Ok not too shabby.

Then I try the same test in FF2, and lo and behold I am presented with this usability abomination:


So I guess its functionality that most people would never touch in either browser, but still, that's just horrible. How on earth are users supposed to infer from that error message that a client cert is required?

"Error code -12272....?"

"Ohhh that's obviously because you haven't installed an appropriate client certificate. Noob"
Posted by Nick Head at 2:58 AM
Labels: ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)