From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 42B2B138330 for ; Tue, 9 Jan 2018 12:29:31 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AA3ADE0AC1; Tue, 9 Jan 2018 12:29:23 +0000 (UTC) Received: from mail-wr0-x22e.google.com (mail-wr0-x22e.google.com [IPv6:2a00:1450:400c:c0c::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 2A960E0AB7 for ; Tue, 9 Jan 2018 12:29:23 +0000 (UTC) Received: by mail-wr0-x22e.google.com with SMTP id b76so13923951wrd.3 for ; Tue, 09 Jan 2018 04:29:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:reply-to:subject:date:message-id:in-reply-to:references :mime-version; bh=S+7Xtf5WWFNZIrNemVPvdRXBhl+XhvrV7zdU8VB2BA4=; b=bTfCn2Vasvx4dN3wVjBfa7zXpy31YGP8h5ceXfigoc3vDRLVifSutNmiWp7JUp+GIm vxCixFmrTxxFjr+al9Vh+O5S4G5ilZdWHk0oqw30ip9Y4Vfep4kojyR+avII4GpVFH5B ju481FsSh51WZ6g8cHn+Wpw6Sb8LixhnntEvND3p4vkiol4q83GbJZW4HrnADGsXhtgJ Bv1Oa41ElfuPLEQQcY+P0MSY+905yRWeBwBkK7SjmqzUahJlDrExLZzZ/Qo48/7SW7k/ kquJtEgNPtRGRt3hB9/RyZHMnVrmJfut/1oWRM9bwIszGN1OqzWIqZibjE2XOPz1FkhY X4Dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:reply-to:subject:date:message-id :in-reply-to:references:mime-version; bh=S+7Xtf5WWFNZIrNemVPvdRXBhl+XhvrV7zdU8VB2BA4=; b=jnh+BOyKFVyu+YbjAXebSSzD+Rc9gunxoJuqOEJGgmgTTLtQVTDjBxtueA/NWgH07E SeoVKAl3R9GbkjRmjScyggc8Ck4e6Y2wP2C0/DR0yx+EfPoAoumRtjLc+gmwaJk/F9Dw mkpRVwfUuEgCZ68+oVL3pyl9tfnEHEYI6r9xCllt6YRuNc9tW9sP0v36eRROPOYa45H9 nDRMvslRK6JC7ndUK8zW9psvNzyrJuQD4exZSz9PxCZDKAMAdn/UAEhaga4pEpVTAEmV QIfp9dzdm9/B0SE1+puE3E2QfSq67rMtZI9WL9rQ9e3qBSi2e6XujXMyXr5lzs2kZuzo 0L0Q== X-Gm-Message-State: AKGB3mJGEpnCMe0WHYfBmpQKbwDjDRT7KAW31B0W5ELB7U+est9zudku XFXnhN0SNK2fIz3Z1VdeflBsRA== X-Google-Smtp-Source: ACJfBosaraN1P+TXbn9J7ZhXQ5OvkC25TNR27Nw9MJcVlKtvOQOSY2jF3L96bSfBaXo51nBWs5jEUg== X-Received: by 10.223.128.164 with SMTP id 33mr14434675wrl.85.1515500962020; Tue, 09 Jan 2018 04:29:22 -0800 (PST) Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa. [217.169.3.230]) by smtp.gmail.com with ESMTPSA id 198sm18817901wmo.21.2018.01.09.04.29.21 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 09 Jan 2018 04:29:21 -0800 (PST) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Firefox-57.0.4 won't accept TLS certificate exception Date: Tue, 09 Jan 2018 12:29:33 +0000 Message-ID: <1658629.FCy567lUfI@dell_xps> In-Reply-To: <2883426.IvTKrsIllc@peak> References: <2918660.EtAQm8RF2E@dell_xps> <2883426.IvTKrsIllc@peak> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3630354.RZ5BrVjabF"; micalg="pgp-sha256"; protocol="application/pgp-signature" X-Archives-Salt: 164f0370-a7f7-47eb-af95-11302e37c12e X-Archives-Hash: 746c14d42882fea1a732f4c7faaf2a47 --nextPart3630354.RZ5BrVjabF Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8" On Tuesday, 9 January 2018 11:50:56 GMT Peter Humphrey wrote: > On Tuesday, 9 January 2018 11:34:24 GMT Mick wrote: > > I just noticed I am not able to override FF's protestations about the > > domain name of the loaded TLS certificate not matching the visited > > domain. When I click on Advance/"Confirm Security Exception" to > > permanently store this exception nothing happens. All I can do > > thereafter is cancel this pop up window. Of course the page will not > > load. > > I've noticed something similar, but it varies from one site to another. > Sometimes, confirming an exception works as before, but at other times I'm > not even offered the option to make an exception. In that latter case I fire > up another browser and use that instead. > > > How can I overcome this intransigence by the browser, who thinks it knows > > better what I wish to do? > > I wish I knew. :-) It seems it won't allow me to accept the certificate *permanently* but it accepts it temporarily. Phew! I also had to remove a number of security addons which no longer work, but this was not related to the certificate problem. -- Regards, Mick --nextPart3630354.RZ5BrVjabF Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEt7MNaGaS6HvTUrEz6WnU8jC95dcFAlpUta0ACgkQ6WnU8jC9 5dcq0Q/6AkBjb7uilUYximpKNflhc8IdqL6phJzgDputcLKhhmJjx4NVmRiDSmwf YMZyFGQnPxu3/j+KyzmIq5umoimzEwThAy6AUkl0UM9T+n19NpzdCuH3O8HWY+5E 1yxZfRWuHf/KbZ0ttmsWcy3j+PbSFZyVdEyNouo8NVdLz0apEOom+aYclM7n8PAk 5rfTozKb1k5coQ/+m+EST7JCmasnldzg9O+jSmxS5F5SkVx0lmZcQvJS6y4knJz+ g12NsLa9VaqN0RMUAaSWgtak7wp9pxWRBbeDCRK1avwy6H8FkMJoF1FVJ20ihUOs 5Ysho3/KuEyTSGR+/9olThKZG0m6Z9YhzpKVwCA1/YxrZXRwUI8hW1PGraEYFB/8 FtXI4Tjk3zYQoTr2jysq55X2VyeBckZ21VtESAxQTtvUvLXbhGKI4DQdEc4ab4dN bDX0pZgXLDNmH/JkoPySlKUWMnrPjqgxK827SOvNQMLe10oD7H/nowCtmpL8XMKN p7qq0B5ZkuNRYqBBzOwQAToVOBDv9B4EOnHSpyH9KvVGTfSdmMdWgi1pGspPzwpV FzXPCEliDZ6idrhuH/uueQ1dZBHLdywB+SaH/wztwSOlkeB3s7VaIiTC2J0m9Fjh 3KjcK3moww3vtjPOZ4S1PIfcFmQtD/u2iMCTTtRufCdRsBBt/rg= =awr4 -----END PGP SIGNATURE----- --nextPart3630354.RZ5BrVjabF--