X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

Connecting in spite of bad security certificate

Posted

I've googled and posted previously about the bad certificates, causing the Firefox message "This Connection is Untrusted". I am posting now not to ask about a solution. Instead, I just wanted to confirm the circumstances under which one can sensibly proceed with a potentially insecure connection. According to http://support.mozilla.org/en-US/kb/connection-untrusted-error-message, you should not proceed unless you "are willing to risk communicating over a connection that could be vulnerable to an eavesdropper". To me, that means that if what your surfing is such that you don't care if whether it is publically visible, then go right ahead. Of course, this excludes cases where you enter in authentication information.

Is this correct?

Additional System Details

Installed Plug-ins

  • Next Generation Java Plug-in 1.6.0_39 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Shockwave Flash 11.5 r502
  • Adobe PDF Plug-In For Firefox and Netscape "9.5.3"
  • Google Update
  • PDF-XChange Viewer Netscape Gecko Plugin
  • iTunes Detector Plug-in
  • 4.1.10329.0
  • NPWLPG

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0

More Information

Yousef 15 solutions 71 answers

Almost correct.

Authenticating would be no exception with an untrusted connection. On an untrusted connection, everything you do should be considered at risk, including authentication.

Question owner

Thanks, yalam96. I actually meant what you said i.e. the things you don't care to encrypt excludes authentication info. I just wrote it in a confusing way :) .

cor-el
  • Top 10 Contributor
  • Moderator
10754 solutions 96785 answers

You should always be cautious and never set a permanent exception in cases like this.

You can get such errors if a website doesn't send all intermediate chain certificates.

You can retrieve the certificate and check who issued the certificate.
You should always do that to see if that helps to identify the problem (missing intermediate certificate or something else).
You can test a website via one of the SSL checking websites.

If such a check confirms that there is a problem with the certificate then you know that you do not have to look further.

Check out why the site is untrusted (see the Technical details) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source like the above posted testing site.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer.

You can see more Details like intermediate certificates that are used in the Details pane.