|
 |
61f7dd5 |
diff --git a/toolkit/module/CertUtils.jsm b/toolkit/toolkit/modules/CertUtils.jsm
|
|
|
61f7dd5 |
--- a/toolkit/modules/CertUtils.jsm
|
|
|
61f7dd5 |
+++ b/toolkit/modules/CertUtils.jsm
|
|
|
9e88c31 |
@@ -170,17 +170,19 @@ this.checkCert =
|
|
|
9e88c31 |
issuerCert = issuerCert.QueryInterface(Ci.nsIX509Cert3);
|
|
|
9e88c31 |
var tokenNames = issuerCert.getAllTokenNames({});
|
|
|
9e88c31 |
|
|
|
9e88c31 |
if (!tokenNames || !tokenNames.some(isBuiltinToken))
|
|
|
9e88c31 |
throw new Ce(certNotBuiltInErr, Cr.NS_ERROR_ABORT);
|
|
|
9e88c31 |
}
|
|
|
9e88c31 |
|
|
|
9e88c31 |
function isBuiltinToken(tokenName) {
|
|
|
9e88c31 |
- return tokenName == "Builtin Object Token";
|
|
|
9e88c31 |
+ return tokenName == "Builtin Object Token" ||
|
|
|
9e88c31 |
+ tokenName == "Default Trust" ||
|
|
|
9e88c31 |
+ tokenName == "System Trust";
|
|
|
9e88c31 |
}
|
|
|
9e88c31 |
|
|
|
9e88c31 |
/**
|
|
|
9e88c31 |
* This class implements nsIBadCertListener. Its job is to prevent "bad cert"
|
|
|
9e88c31 |
* security dialogs from being shown to the user. It is better to simply fail
|
|
|
9e88c31 |
* if the certificate is bad. See bug 304286.
|
|
|
9e88c31 |
*
|
|
|
9e88c31 |
* @param aAllowNonBuiltInCerts (optional)
|