From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 11A391385DD for ; Fri, 4 Sep 2015 19:51:06 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 476321425F; Fri, 4 Sep 2015 19:50:59 +0000 (UTC) Received: from acheron.yagibdah.de (acheron.yagibdah.de [185.55.75.245]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 3352714212 for ; Fri, 4 Sep 2015 19:50:57 +0000 (UTC) Received: from br-dmz-ip.yagibdah.de ([192.168.1.1] helo=heimdali.yagibdah.de) by acheron.yagibdah.de with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.85) (envelope-from ) id 1ZXx0i-0003qv-AF for gentoo-user@lists.gentoo.org; Fri, 04 Sep 2015 21:50:56 +0200 Received: from lee by heimdali.yagibdah.de with local (Exim 4.84) (envelope-from ) id 1ZXx0i-0003eY-89 for gentoo-user@lists.gentoo.org; Fri, 04 Sep 2015 21:50:56 +0200 From: lee To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] broken seamonkey :( In-Reply-To: <201509041143.36216.michaelkintzios@gmail.com> (Mick's message of "Fri, 4 Sep 2015 11:43:34 +0100") Date: Fri, 04 Sep 2015 21:50:43 +0200 Organization: my virtual residence Message-ID: <874mjam0a4.fsf@heimdali.yagibdah.de> References: <87oahjmg8s.fsf@heimdali.yagibdah.de> <87egifm5rx.fsf@heimdali.yagibdah.de> <201509041143.36216.michaelkintzios@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux) Mail-Followup-To: gentoo-user@lists.gentoo.org Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain X-Archives-Salt: b8905c9b-96a4-4ea8-92ea-b6687929e249 X-Archives-Hash: a18041d59a894d0b0f66228c9cebc034 Mick writes: > On Friday 04 Sep 2015 08:54:19 Peter Weilbacher wrote: > >> Are you sure that diving right into about:config is the best way? In >> SeaMonkey, take a look under Preferences -> Privacy & Security -> >> Certificates. Under "Manage Certificates..." you can import your own >> certificates which I think is the right way to proceed (although I >> haven't tried that in a while). In the same dialog, you can also >> manually add exceptions before you even go to the server. >> Firefox and Thunderbird have similar dialogs. >> >> Peter. > > I agree with Peter, it is best you don't disable what is after all a security > warning mechanism. > > In Firefox you are not able to add an exception if you use a Private window > (Ctrl+Shift+P). Otherwise you should be able to. Alternatively, have you > tried adding an exception to the server certificate manually as suggested by > Peter? > > You can: > > Add your self-signed server certificate in your Server certificates seamonkey > tab. Updating the seamonkey version ought to retain any certificates you have > uploaded there. You can also set an exception in the Server's tab. If you do > not have the server certificate already on your filesystem, you can obtain it > with: > > openssl s_client -connect www.google.com:443 -showcerts > > (replace www.google.com with your server of course). > > Or, you can try adding it in the RootCA tab and edit its trust there. It doesn't work. I've imported the certificate now at home, and no matter what trust I set or whatever I do, I cannot connect, and I cannot add an exception. I think I need to be able to add an exception through the dialog that pops up when trying to connect since that's the only way that there's a chance that it will work. -- Again we must be afraid of speaking of daemons for fear that daemons might swallow us. Finally, this fear has become reasonable.