Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Connecting in spite of bad security certificate

  • 3 replies
  • 6 have this problem
  • 2 views
  • Last reply by cor-el

FoxyFirey
FoxyFirey
more options

I've googled and posted previously about the bad certificates, causing the Firefox message "This Connection is Untrusted". I am posting now not to ask about a solution. Instead, I just wanted to confirm the circumstances under which one can sensibly proceed with a potentially insecure connection. According to http://support.mozilla.org/en-US/kb/connection-untrusted-error-message, you should not proceed unless you "are willing to risk communicating over a connection that could be vulnerable to an eavesdropper". To me, that means that if what your surfing is such that you don't care if whether it is publically visible, then go right ahead. Of course, this excludes cases where you enter in authentication information.

Is this correct?

I've googled and posted previously about the bad certificates, causing the Firefox message "This Connection is Untrusted". I am posting now not to ask about a solution. Instead, I just wanted to confirm the circumstances under which one can sensibly proceed with a potentially insecure connection. According to http://support.mozilla.org/en-US/kb/connection-untrusted-error-message, you should not proceed unless you "are willing to risk communicating over a connection that could be vulnerable to an eavesdropper". To me, that means that if what your surfing is such that you don't care if whether it is publically visible, then go right ahead. Of course, this excludes cases where you enter in authentication information. Is this correct?

All Replies (3)

Yousef
Yousef
more options

Almost correct.

Authenticating would be no exception with an untrusted connection. On an untrusted connection, everything you do should be considered at risk, including authentication.

FoxyFirey
FoxyFirey Question owner
more options

Thanks, yalam96. I actually meant what you said i.e. the things you don't care to encrypt excludes authentication info. I just wrote it in a confusing way :) .

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You should always be cautious and never set a permanent exception in cases like this.

You can get such errors if a website doesn't send all intermediate chain certificates.

You can retrieve the certificate and check who issued the certificate.
You should always do that to see if that helps to identify the problem (missing intermediate certificate or something else).
You can test a website via one of the SSL checking websites.

If such a check confirms that there is a problem with the certificate then you know that you do not have to look further.

Check out why the site is untrusted (see the Technical details) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source like the above posted testing site.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer.

You can see more Details like intermediate certificates that are used in the Details pane.