[email protected] wrote:
Ant wrote:
Hello.
https://videos.antville.org web site (not mine) currently says:
"This Connection is Untrusted
You have asked SeaMonkey to connect securely to videos.antville.org, but we
can't confirm that your connection is secure.
Normally, when you try to connect securely, websites will present trusted
identification to prove that you are going to the right place. However, this
website's identity can't be verified.
What Should I Do?
If you usually connect to this website without problems, this error could
mean that someone is trying to impersonate the website, and you shouldn't
continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that
SeaMonkey only connect to it securely. As a result, it is not possible to
add an exception for this certificate.
Technical Details
videos.antville.org uses an invalid security certificate.
The certificate expired on Thursday, May 07, 2020, 5:06 PM. The current time
is Thursday, May 07, 2020, 9:42 PM.
Error code: SEC_ERROR_EXPIRED_CERTIFICATE".
In the past, SeaMonkey web browser used to ask me to continue or not. I did
not see any continue on it even though I know the risks. In Firefox v76 web
browser, it lets me continue. Why did SeaMonkey remove this while Firefox
still has it?
Thank you for reading and hopefully answering soon. :)
I think the bit about the site using HSTS explains it:
This site uses HTTP Strict Transport Security (HSTS) to specify that
SeaMonkey only connect to it securely. As a result, it is not possible to
add an exception for this certificate.
When you've visited the site before, it's indicated that it uses HSTS, so
SeaMonkey won't allow insecure connections in future.
You probably haven't visited the site before in Firefox, so that doesn't know
the site uses HSTS and allows the exception. Either that or Firefox allows
exceptions despite HSTS - if that is the case, it might have been changed in a
newer version than SeaMonkey is based on.
Exactly. I looked and i think it was SiteSecurityServiceState.txt which just
needed to be edited to allow the override again.
FRG
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
