X
Tap here to go to the mobile version of the site.

Support Forum

Firefox Android: No option to continue with "Untrusted Connection"

Posted

Why is the user not given the choice of connecting to "Untrusted Websites" (or websites with bad SSL certificates) ? This option is present in the desktop browser, under the advanced options section, but not in the app. Makes it irritating when trying to connect to intranet websites where security is often poorly implemented and doesn't matter anyway.

Why is the user not given the choice of connecting to "Untrusted Websites" (or websites with bad SSL certificates) ? This option is present in the desktop browser, under the advanced options section, but not in the app. Makes it irritating when trying to connect to intranet websites where security is often poorly implemented and doesn't matter anyway.

Chosen solution

The website has an invalid certificate. Wildcard certificates are only valid for one level of matching. The site you are trying to connect to is two levels deep. The certificate *.amrita.edu is only valid for cb.amrita.edu not intranet.cb.amrita.edu. The correct cert would be for *.cb.amrita.edu or intranet.cb.amrita.edu.

The part of the school that runs the website would need to address this issue.

This is defined in RFC 2818 section 3.1 www.ietf.org/rfc/rfc2818.txt

Read this answer in context 1

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Android 7.0; Mobile; rv:59.0) Gecko/59.0 Firefox/59.0

More Information

Meskó Balázs
  • Moderator
122 solutions 615 answers

You can add exceptions for these sites on the warning page. It should be at the bottom of the page, under I understand the risks. You don't have that? Please attach a screenshot about it.

You can add exceptions for these sites on the warning page. It should be at the bottom of the page, under ''I understand the risks''. You don't have that? Please attach a screenshot about it.

Question owner

Here's a screenshot. The link you're referring to does appear on the desktop.

https://drive.google.com/file/d/1Jh68y8snpd-NyoRCFL91i3d64Z5r6802/view?usp=drivesdk

Here's a screenshot. The link you're referring to does appear on the desktop. https://drive.google.com/file/d/1Jh68y8snpd-NyoRCFL91i3d64Z5r6802/view?usp=drivesdk
kbrosnan
  • Moderator
581 solutions 3843 answers

Chosen Solution

The website has an invalid certificate. Wildcard certificates are only valid for one level of matching. The site you are trying to connect to is two levels deep. The certificate *.amrita.edu is only valid for cb.amrita.edu not intranet.cb.amrita.edu. The correct cert would be for *.cb.amrita.edu or intranet.cb.amrita.edu.

The part of the school that runs the website would need to address this issue.

This is defined in RFC 2818 section 3.1 www.ietf.org/rfc/rfc2818.txt

The website has an invalid certificate. Wildcard certificates are only valid for one level of matching. The site you are trying to connect to is two levels deep. The certificate *.amrita.edu is only valid for cb.amrita.edu not intranet.cb.amrita.edu. The correct cert would be for *.cb.amrita.edu or intranet.cb.amrita.edu. The part of the school that runs the website would need to address this issue. This is defined in RFC 2818 section 3.1 www.ietf.org/rfc/rfc2818.txt