I do not see SSL certificate warnings now a days, even when visiting sites that do not provide valid identity.
When visiting a website that has some kind of SSL certificate issue, like missing , untrusted or invalid certificate etc, the browser is supposed to show a warning message, which should warn us of potential hazards of visiting the website. I realised that my browsers have not shown such warning message for a really long time. Can anyone give me any idea why this is happening?
Thanks,
Satya
Vybrané riešenie
Hi satyabratasharma, there are two different pieces of information there:
(1) This website does not supply identity information.
This is normal. Firefox only trusts an EVSSL certificate (green lock) to provide reliable identity information.
(2) Your connection to this website is not encrypted.
Yes, because this is an HTTP URL, Firefox does not attempt to make a secure connection. There's no warning unless it is an HTTPS URL and there is a problem with the certificate.
Čítať túto odpoveď v kontexte 👍 0Všetky odpovede (6)
Do you get an error on this page: https://www.sothai.com/
Under Technical Details you should get:
www.sothai.com uses an invalid security certificate.
The certificate is only valid for the following names: www.jeffersonscher.com, jeffersonscher.com
(Error code: ssl_error_bad_cert_domain)
If instead you get a real webpage, click the padlock icon in the address bar, then More Information, then View Certificate, and take a look at the "Issued by" section. What do you see there?
Hi. Thank you very much for your response. I actually see the warning page now. This is strange though. For similar situations, my browser has opened sites directly without showing the warning earlier.
As far as the last part is concerned, I was able to get the More Information section by clicking on the padlock/greyed globe icon etc. I just wasn't seeing the warning page that comes before we get to the original page. I still cannot get this warning for most websites, other than the one that you provided. Trying to find out what I am missing.
If you find a page that you know has an invalid certificate for a different reason (expired, incomplete signature chain, etc.) then we could compare between two browsers and figure out what's going on.
Hi... One website is:
http://www.technologyreview.com/
My browser opens this website directly, but on clicking on the greyed out globe on the address bar, on the left of the domain name of the website, I see the following message:
'This website does not supply identity information. Your connection to this website is not encrypted. '
Then there is a 'More Information' button which gives more information.
My understanding was, if a site does not supply identity information and/or the connection is not encrypted, I should be able to see a Warning Page first. Only after the user decides to bypass that warning, then the browser should load the actual website.
For the link that you had provided earlier, i get this. Not for most other cases. I am sure I am missing something here.
Thank you for your time.
Vybrané riešenie
Hi satyabratasharma, there are two different pieces of information there:
(1) This website does not supply identity information.
This is normal. Firefox only trusts an EVSSL certificate (green lock) to provide reliable identity information.
(2) Your connection to this website is not encrypted.
Yes, because this is an HTTP URL, Firefox does not attempt to make a secure connection. There's no warning unless it is an HTTPS URL and there is a problem with the certificate.
Ohhh... That explains everything, Sir. Thank you so much for the clarification. I get it now. :)