Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

access to a site with revoked certificate is allowed

  • No replies
  • 1 has this problem
  • 3 views
more options

When I try to access the website https://revoked.grc.com/, at first I get a dialog about expired certificate. When I click Accept the risk and continue, the site loads. This is somewhat unexpected since the site's certificate is revoked (https://crt.sh/?id=123799530&opt=ocsp), and this shouldn't be possible to override by user. Is this a bug or a feature?

I do believe that this behavior is easy to replicate everywhere, so I'd like to ask anybody who's about to respond with "send us diagnostics data" or "reset your profile", please try the steps yourself first.

When I try to access the website https://revoked.grc.com/, at first I get a dialog about expired certificate. When I click Accept the risk and continue, the site loads. This is somewhat unexpected since the site's certificate is revoked (https://crt.sh/?id=123799530&opt=ocsp), and this shouldn't be possible to override by user. Is this a bug or a feature? I do believe that this behavior is easy to replicate everywhere, so I'd like to ask anybody who's about to respond with "send us diagnostics data" or "reset your profile", please try the steps yourself first.