X
Toque aqui para ver a versão para dispositivos móveis desse site.

Fórum de suporte

HTTP Strict Transport Security prevents me from accessing a server that I'm doing development on

Postado

I cannot access a clients site that I'm working on due to an HSTS error, I used to be able to bypass this with test.currentTimeOffsetSeconds, however it seems to not work anymore.

I use Firefox for development because it has better tools than any browser I've use in the past, however this is a real blocker for me, since the sites I'm working on don't have DNS names yet and can't get updated certificates till then.

I've also manually added an exception in the certificate options, though that also didn't work.

Please guys, I've always been pushing people to use Firefox, though if it starts limiting my options without any way to bypass it if I feel I need to do something, then I'll be forced to go hunting for a browser that gives me more freedom, not to mention this is costing me work hours.

I cannot access a clients site that I'm working on due to an HSTS error, I used to be able to bypass this with test.currentTimeOffsetSeconds, however it seems to not work anymore. I use Firefox for development because it has better tools than any browser I've use in the past, however this is a real blocker for me, since the sites I'm working on don't have DNS names yet and can't get updated certificates till then. I've also manually added an exception in the certificate options, though that also didn't work. Please guys, I've always been pushing people to use Firefox, though if it starts limiting my options without any way to bypass it if I feel I need to do something, then I'll be forced to go hunting for a browser that gives me more freedom, not to mention this is costing me work hours.

Solução escolhida

An exception should work. In order to be able to try re-adding the exception using the Advanced button / Add Exception button approach, you need to first remove the stored HSTS flag.

Open your current Firefox settings (AKA Firefox profile) folder using either

  • "3-bar" menu button > "?" button > Troubleshooting Information
  • (menu bar) Help > Troubleshooting Information
  • type or paste about:support in the address bar and press Enter

In the first table on the page, click the "Open Directory" (or similar) button. This should launch a new window listing various files and folders in your file browser.

Leaving that window open, switch back to Firefox and Exit/Quit, either:

  • "3-bar" menu button > "power" button
  • (menu bar) File > Exit / Quit

Pause while Firefox finishes its cleanup, then open SiteSecurityServiceState.txt in your preferred text editor and delete all lines for the hostname you need to access and save the file.

When you start Firefox again, on your first visit, Firefox normally ignores the HSTS status because it hasn't gotten past the handshake.

Ler esta resposta 5

Detalhes avançados do sistema

Extensões instaladas

  • Shockwave Flash 25.0 r0

Aplicativo

  • Firefox 53.0
  • Agente de Usuário: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0
  • URL de Suporte: https://support.mozilla.org/1/firefox/53.0/Linux/en-ZA/

Extensões

  • ADB Helper 0.10.0 (adbhelper@mozilla.org)
  • Application Update Service Helper 2.0 (aushelper@mozilla.org)
  • Multi-process staged rollout 1.14 (e10srollout@mozilla.org)
  • Pocket 1.0.5 (firefox@getpocket.com)
  • Shield Recipe Client 1.0.0 (shield-recipe-client@mozilla.org)
  • uBlock Origin 1.12.1 (uBlock0@raymondhill.net)
  • Valence 0.3.7 (fxdevtools-adapters@mozilla.org)
  • Web Compat 1.0 (webcompat@mozilla.org)
  • BitTorrent WebUI 0.2.1.1-signed.1-signed (BitTorrent_WebUI@firefox.alexisbrunet.com) (Inativo)
  • BitTorrent WebUI+ 0.2.3.0.1-signed.1-signed (BitTorrent_WebUI_2@firefox.alexisbrunet.com) (Inativo)
  • DownThemAll! 3.0.8 ({DDC359D1-844A-42a7-9AA1-88A850A938A8}) (Inativo)
  • Poster 3.1.0.1-signed.1-signed ({d48a39ba-8f80-4fce-8ee1-bc710561c55d}) (Inativo)
  • RESTClient 2.0.5 ({ad0d925d-88f8-47f1-85ea-8463569e756e}) (Inativo)
  • SaveFrom.net helper 7.31 (helper-sig@savefrom.net) (Inativo)
  • User Agent Switcher 0.7.3.1-signed.1-signed ({e968fc70-8f95-4ab9-9e79-304de2a71ee1}) (Inativo)

Javascript

  • incrementalGCEnabled: True

Gráficos

  • adapterDescription: X.Org -- Gallium 0.4 on AMD TAHITI (DRM 2.43.0, LLVM 3.8.0)
  • adapterDeviceID: Gallium 0.4 on AMD TAHITI (DRM 2.43.0, LLVM 3.8.0)
  • adapterDrivers:
  • adapterRAM:
  • adapterVendorID: X.Org
  • crashGuards: []
  • currentAudioBackend: pulse
  • driverDate:
  • driverVersion: 3.0 Mesa 11.2.0
  • featureLog: {u'fallbacks': [], u'features': [{u'status': u'blocked', u'description': u'Compositing', u'log': [{u'status': u'blocked', u'message': u'Acceleration blocked by platform', u'type': u'default'}], u'name': u'HW_COMPOSITING'}, {u'status': u'unavailable', u'description': u'OpenGL Compositing', u'log': [{u'status': u'unavailable', u'message': u'Hardware compositing is disabled', u'type': u'default'}], u'name': u'OPENGL_COMPOSITING'}]}
  • info: {u'ApzWheelInput': 1, u'CairoUseXRender': 0, u'AzureFallbackCanvasBackend': u'none', u'AzureCanvasAccelerated': 0, u'AzureCanvasBackend': u'skia', u'AzureContentBackend': u'skia'}
  • numAcceleratedWindows: 0
  • numAcceleratedWindowsMessage: [u'']
  • numTotalWindows: 1
  • webgl2Renderer: X.Org -- Gallium 0.4 on AMD TAHITI (DRM 2.43.0, LLVM 3.8.0)
  • webglRenderer: X.Org -- Gallium 0.4 on AMD TAHITI (DRM 2.43.0, LLVM 3.8.0)
  • windowLayerManagerRemote: True
  • windowLayerManagerType: Basic

Preferências Modificadas

Diversos

  • User JS: Não
  • Acessibilidade: Não
jscher2000
  • Top 10 Contributor
6908 soluções 56404 respostas

Solução escolhida

An exception should work. In order to be able to try re-adding the exception using the Advanced button / Add Exception button approach, you need to first remove the stored HSTS flag.

Open your current Firefox settings (AKA Firefox profile) folder using either

  • "3-bar" menu button > "?" button > Troubleshooting Information
  • (menu bar) Help > Troubleshooting Information
  • type or paste about:support in the address bar and press Enter

In the first table on the page, click the "Open Directory" (or similar) button. This should launch a new window listing various files and folders in your file browser.

Leaving that window open, switch back to Firefox and Exit/Quit, either:

  • "3-bar" menu button > "power" button
  • (menu bar) File > Exit / Quit

Pause while Firefox finishes its cleanup, then open SiteSecurityServiceState.txt in your preferred text editor and delete all lines for the hostname you need to access and save the file.

When you start Firefox again, on your first visit, Firefox normally ignores the HSTS status because it hasn't gotten past the handshake.

An exception ''should'' work. In order to be able to try re-adding the exception using the Advanced button / Add Exception button approach, you need to first remove the stored HSTS flag. Open your current Firefox settings (AKA Firefox profile) folder using either * "3-bar" menu button > "?" button > Troubleshooting Information * (menu bar) Help > Troubleshooting Information * type or paste about:support in the address bar and press Enter In the first table on the page, click the "Open Directory" (or similar) button. This should launch a new window listing various files and folders in your file browser. Leaving that window open, switch back to Firefox and Exit/Quit, either: * "3-bar" menu button > "power" button * (menu bar) File > Exit / Quit Pause while Firefox finishes its cleanup, then open '''SiteSecurityServiceState.txt''' in your preferred text editor and delete all lines for the hostname you need to access and save the file. When you start Firefox again, on your first visit, Firefox normally ignores the HSTS status because it hasn't gotten past the handshake.
jscher2000
  • Top 10 Contributor
6908 soluções 56404 respostas

Or maybe you're saying it's a clock problem, not a certificate problem. Could you copy/paste the actual error message?

Or maybe you're saying it's a clock problem, not a certificate problem. Could you copy/paste the actual error message?

Autor da pergunta

Thanks man, you're a life saver.

Deleting the entry in SiteSecurityServiceState.txt worked like a charm.

Thanks man, you're a life saver. Deleting the entry in SiteSecurityServiceState.txt worked like a charm.