So in an effort to make the world safer, Firefox now lets you know when a cert is not 100% legit.
If you use firefox, then you by now are probably conditioned to the following:
- Receive scary warning message about a cert
- Ignore scary warning message about a cert
- Click through the whole "add exception" process
- Go on with your life
Great!
The world is no more secure than it used to be, but I am guessing that someone over there at firefox sleeps better at night believing that they are protecting humanity from the evils of unpaid-for server certificates.
So now to my point...
Let's say you want to use an out-of-the-box web proxy (such as paros or webscarab) along with your brand spankin new version of firefox but you keep getting an error that says something like:
yada.yada.yada:443 uses an invalid security certificate. The certificate is not trusted because it is self signed. The certificate is only valid for <a title="Paros" id="cert_domain_link">Paros</a> The certificate expired on 11/8/2002 4:50 AM. (error code: sec_error_expired_issuer_certificate)
You may find that you are unable to participate in the "add exception" farse and move on.
So what can you do?
I am not intending to tell you why the following works, but simply to show you an effective fix/workaround.
- browse to http://about:config
- click the stupid "i will be careful" button
- look for the network.dns.disableIPv6 option and set it to true
Now when you receive the error when browsing to an https site using your proxy, you should be given the opportunity to add an exception and continue on to the site.
Thanks Firefox for robbing me of 2 hours of my life...
-Curt
I'm not really bitter person most of the time.