Can't add exception to bypass SEC_ERROR_UNKNOWN_ISSUER
Hello When I use public WIFI I need to accept its rules. To do that I'm used to open my home page (https://www.google.com) and then get redirected to the sign in page for the WIFI. However, now when I do that Firefox won't accept the redirected URL saying that "The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website". Usually it was possible to add an exception and bypass the error. Now it's simply not available if I click on "Advanced" button. I want to be able to force Firefox to accept self-signed certificates.
Gekozen oplossing
browsers usually won't allow any exceptions/manual overrides for hsts domains and untrusted certs, as it is assumed that somebody is trying impersonate the site in this situation - hsts should protect against this scenario...
Dit antwoord in context lezen 👍 0Alle antwoorden (5)
PS. Clearly, Firefox won't be able check the certificate because it can't reach the issuer's servers before the WIFI rules have been accepted.
Of course, I can select a different URL for which Firefox doesn't need SSL, but it is very annoying and inconvenient. I'm thinking of downgrading.
Bewerkt door alxga op
hello, websites can specify that no override should be possible - google.com does this as well (https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) - in this case it would be easier to start with a normal http site to accept the wifi's terms.
philipp said
hello, websites can specify that no override should be possible - google.com does this as well (https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) - in this case it would be easier to start with a normal http site to accept the wifi's terms.
Yes, I understand that Google requires Firefox to connect via HTTPS. But why won't it accept a self-signed certificate? I need to override this.
Gekozen oplossing
browsers usually won't allow any exceptions/manual overrides for hsts domains and untrusted certs, as it is assumed that somebody is trying impersonate the site in this situation - hsts should protect against this scenario...
Okay, I marked as Solved. I can't troubleshoot it now because I won't be redirected to the sign-in page for awhile even if I disconnect and reconnect. It will act as if I accepted the terms already. I'll try to google a better solution (hopefully, importing the certificate or disable HSTS completely) in a few days.
Bewerkt door alxga op