When I go to SSL site I see this message in fx: "You have asked Firefox to connect securely to news.ycombinator.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do? If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue. news.ycombinator.com uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)" And then I go to Add exception -> View -> Details tab -> Certificate hierarchy but there is only news.ycombinator.com present. When I export it and try to import it into fx I get: "This is not a certificate authority certificate, so it can't be imported into the certificate authority list." So I think this is not CA certificate but a server certificate. And about recurring errors on the same site: I have a number of server exceptions in "Servers" list under my company custom CA certificate in Advanced -> View Certificates -> Servers. All of them are marked "Permanent". Nevertheless, the error page I described above appears from time to time even on sites that I have previously added to a trusted list. It's extremely annoying and I don't know why this happens. I use Firefox 21. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
