On Sun, 21 Jul 2013 01:57:07 +0200
"SF, Adrian" <a...@sutolyst.me.uk> wrote:

> Hi,
> 
> Midori reports all https sites as having an invalid ssl certificate. I
> found this issue on Midori’s bugtracker (
> https://bugs.launchpad.net/midori/+bug/983137 ) but this dates from
> last year and had been fixed according to the tracker.
> 
> I’m running FreeBSD 9.1, midori and libsoup are both up to date from ports.

Hi,

SSL certificate in Midori is known "issue".

By default it accepts all certificates (trusted an untrusted), because 
'ssl-strict' property (in libsoup) is set to FALSE (from line 167 to 197 in 
midori/midori-session.c file) [1].
If we change this value to TRUE, all untrusted sites are blocked.

In FAQ [2] ("Certificate Handling" section), main developer mentions gcr (it's 
GNOME application which enhances your currently lignome-keyring, but it's only 
available with GNOME3 so Gtk3).
Moreover with new webkit2 API (webkitgtk >= 1.11.91) https support in WebKit 
will be better.

Let us be patient.

[1] 
http://bazaar.launchpad.net/~midori/midori/trunk/view/6270/midori/midori-session.c
[2] http://www.midori-browser.org/faqs/#security_features

> 
> Regards,
> Adrian
> _______________________________________________
> freebsd-xfce@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-xfce
> To unsubscribe, send any mail to "freebsd-xfce-unsubscr...@freebsd.org"


-- 
olivier
_______________________________________________
freebsd-xfce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-xfce
To unsubscribe, send any mail to "freebsd-xfce-unsubscr...@freebsd.org"

Reply via email to