firefox and bad ssl certificates

Alexander Sack asac at
Wed May 7 08:57:24 UTC 2008

On Wed, May 07, 2008 at 10:31:19AM +0200, Peio Ziarsolo wrote:
> Hello everybody,
> I have found different behaviours between firefox 2 and firefox3 when
> they detect a bad ssl certificate.
> Firefox 2, when detects the bad certificate warms you about it and give
> you the choise to carry on.
> Firefox 3, when detects the bad certificates, it show you a error page
> and doesn't allow you to look at it.
> I would like to know before report like a bug if this is a new security
> feature or if it is just a bug. It's annoniying not be able to look at a
> lot of web pages.

This is a new security feature. The idea is to make users think and
understand about what they are doing by replacing the useless
click-through dialog by something that users actually has to read.

If you look closely at the error page you are suggested to "add an
exception ..."; if you follow that link you should be able to get the
certificate and grand temporary/permanent exception for it.

In next firefox update the page will change a bit so users don't
confuse it with ordinary error page anymore.

 - Alexander

More information about the Ubuntu-devel-discuss mailing list