Chủ đề này đã được lưu trữ. Vui lòng hỏi một câu hỏi mới nếu bạn cần giúp đỡ.
access to a site with revoked certificate is allowed
When I try to access the website https://revoked.grc.com/, at first I get a dialog about expired certificate. When I click Accept the risk and continue, the site loads. This is somewhat unexpected since the site's certificate is revoked (https://crt.sh/?id=123799530&opt=ocsp), and this shouldn't be possible to override by user. Is this a bug or a feature?
I do believe that this behavior is easy to replicate everywhere, so I'd like to ask anybody who's about to respond with "send us diagnostics data" or "reset your profile", please try the steps yourself first.