On 01/26/2014 03:18 AM, Desiree wrote: > Both SeaMonkey 2.23 and Fx 24.2.0 refuse to connect to a NONsecure site > claiming the site is https and claiming invalid cert. Both browsers > refuse to let me look at the cert and make a security exception if I > wish. (I should not need to make any exception because the site is not > secure in the first place but Fx and SM think it is). The site is > http://www.tvfool.com. I can use both IE 10 and Opera 12.15 with no > problems at the site and no matter which pages I access at the site > neither IE or Opera claim the page is a secure one. > > So, why does SM think the site is https? Secondly, why is SM (and Fx) > not allowing me to examine the cert? (If this was a secure site, > probably the cert might be from an authority that I list in my browsers > as "untrusted" because I want to make an individual decision (after > being notified which authority the site is using and examining the cert) > for any sites using certs from certain authorities. > > Also, on sites that are secure, where the certifying authority is listed > by me in SeaMonkey (and Fx) as "untrusted", and I make an exception and > click the box to make the exception permanent, why is that never > remembered? It used to be remembered if I checked the box to make the > exception permanent for a specific site. IE and Opera have no > difficulty remembering exceptions so what happened recently to Fx and SM > to make them unable to remember permanent exceptions made by the user? > > http://i.imgur.com/DmXmtl5.png > > I am trying to go to this specific page (which SM and Fx mistakenly > think is a secure page but is not): > > http://www.tvfool.com/index.php?option=com_wrapper&Itemid=29 > > Note (on the above screen shot) the lack of any way to make a security > exception for this "supposed" secure page.
It works fine here with FF. Even though the site isn't a https site, there probably is some content sent encrypted. The browser requests a certificate for www.tvfool.com. The actual certificate is: *.tvfool.com issuer Go Daddy Secure Certification Authority which is issued by Go Daddy Class 2 CA You don't see this normally, because it's all happening in the background. But an add-on like Certificate Patrol makes it visible to the user, and allows access to all stored server certificates. I guess the reason for not being prompted for the exception is because the site isn't https in the first place. The reason for getting the error is possibly a corrupted certificate store of your SM installation. -- Christian _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
