Ko tenda hembiapoite sa’ivéta oñemba’apokuévo hese hembiapo porãve hag̃ua. Peteĩ jehaipyre nomoĩporãiramo ne apañuái ha eporanduséramo, roguerekohína ore nepytyvõ rekoha ikatútava ndeykeko @FirefoxSupport Twitter-pe ha avei /r/firefox Reddit-pe.

Eheka Pytyvõha

Emboyke pytyvõha apovai. Ndorojeruremo’ãi ehenói térã eñe’ẽmondóvo pumbyrýpe ha emoherakuãvo marandu nemba’etéva. Emombe’u tembiapo imarãkuaáva ko “Marandu iñañáva” rupive.

Kuaave

temporarily accept self-signed certificate

  • 8 Mbohovái
  • 1 oguereko ko apañuái
  • 5 Hecha
  • Mbohovái ipaháva mmorandini

more options

Up to FF 65 it was possible to temporarily accept a self-signed certificate without making a permanent exception. In FF 66 I have only the option of "accept the risk and continue" (I want to accept the risk, and I know what I'm doing), but this automatically trust the certificate for the future while I would like to have the warning each and every time I'm going to visit that particular site. Is there a preference in about:config that can help me on this? I have tried toggling "security.certerrors.permanentOverride" but the behavior stays the same.

Up to FF 65 it was possible to temporarily accept a self-signed certificate without making a permanent exception. In FF 66 I have only the option of "accept the risk and continue" (I want to accept the risk, and I know what I'm doing), but this automatically trust the certificate for the future while I would like to have the warning each and every time I'm going to visit that particular site. Is there a preference in about:config that can help me on this? I have tried toggling "security.certerrors.permanentOverride" but the behavior stays the same.

Ñemoĩporã poravopyre

Got it. It's the browser cache: if the page is loaded into cache it is not going to issue a warning unless it need to retrieve it again (i.e. I see the warning by hitting "Reload"). This solves my problem. I'm going to update the bug report, someone more knowledgeable by me can then choose whether to close it as invalid or not.

Emoñe’ẽ ko mbohavái ejeregua reheve 👍 0

Opaite Mbohovái (8)

more options

hi, have you tried to restart the browser after toggling "security.certerrors.permanentOverride"? (it should be the right one for the behaviour you want to achieve)

more options

Yes, same behavior.

more options

would you mind filing a bug for this at bugzilla.mozilla.org? the change in https://bugzilla.mozilla.org/show_bug.cgi?id=1492498 seems to have introduced the preference in order to control the behaviour, but apparently doesn't work as expected...

more options

Bug #1538166

more options

philipp said

hi, have you tried to restart the browser after toggling "security.certerrors.permanentOverride"? (it should be the right one for the behaviour you want to achieve)

This seems to work for me on Windows, using https://self-signed.badssl.com/ as a test page.

more options

Strangely enough, https://self-signed.badssl.com/ works for me too. But it does not work for

https://mail.rtai.org/pipermail/rtai/?&MMN_position=21:21 :

the temporary certificate in the "Server" tab gets deleted if I restart firefox (linux), but I'm still able to access the site without any warning. Can you reproduce this?

more options

mmorandini said

Strangely enough, https://self-signed.badssl.com/ works for me too. But it does not work for
https://mail.rtai.org/pipermail/rtai/?&MMN_position=21:21 :
the temporary certificate in the "Server" tab gets deleted if I restart firefox (linux), but I'm still able to access the site without any warning. Can you reproduce this?

I get a warning on first visit and if I create a temporary Server exception and then delete it before trying to visit again.

In your bug you mentioned an entry on the Authorities tab. That probably should not be there, just a Server exception (this cert, not this issuer).

more options

Ñemoĩporã poravopyre

Got it. It's the browser cache: if the page is loaded into cache it is not going to issue a warning unless it need to retrieve it again (i.e. I see the warning by hitting "Reload"). This solves my problem. I'm going to update the bug report, someone more knowledgeable by me can then choose whether to close it as invalid or not.