When I last got this error, it's because my time program was off by a few years, and therefore the cert was not inside it's trusted times, and therefore the cert was seen as invalid.
--Sean Somebody claiming to be bofh wrote: > I noticed something is different about the openbsd 4.5 mozilla-firefox > package vs say, kubuntu's build. > > I set up paros (MITM proxy) with it's own cert (wildcard cert) signed > by my cacert.pem file. I added this root cert to the openbsd firefox. > I can go to https://mail.google.com without problems. > > In kubuntu - firefox 3.0.3, I did the same thing, pointed it at paros > with the wildcard cert and inserted the same cacert.pem into kubuntu's > firefox, when I go to another https site, I get the following: > > > > > This Connection is Untrusted > You have asked Firefox to connect > > Normally, when you try to connect securely, > sites will present trusted identification to prove that you are > going to the right place. However, this site's identity can't be verified. > > > What Should I Do? > > If you usually connect to > this site without problems, this error could mean that someone is > trying to impersonate the site, and you shouldn't continue. > > Technical Details > > mail.google.com uses an invalid security certificate. > > The certificate is only valid for * > > (Error code: ssl_error_bad_cert_domain) > > > What is different about openbsd's build? Thanks! > > -- > http://www.glumbert.com/media/shift > http://www.youtube.com/watch?v=tGvHNNOLnCk > "This officer's men seem to follow him merely out of idle curiosity." > -- Sandhurst officer cadet evaluation. > "Securing an environment of Windows platforms from abuse - external or > internal - is akin to trying to install sprinklers in a fireworks > factory where smoking on the job is permitted." -- Gene Spafford > learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related
