We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

Problem with IPv6 address literal, SSL, untrusted cert

  • 2 àwọn èsì
  • 5 ní àwọn ìṣòro yìí
  • 3 views
  • Èsì tí ó kẹ́hìn lọ́wọ́ lehughes

more options

If I connect to an SSL site with an IPv6 address literal, and the cert is not trusted, there is no way to override the warning and connect anyway. I can do this OK with IE.

If I connect to an SSL site with an IPv6 address literal, and the cert is not trusted, there is no way to override the warning and connect anyway. I can do this OK with IE.

All Replies (2)

more options

Check out why the site is untrusted (click "Technical Details to expand that section) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

more options

the problem is not with an untrusted cert. the problem is what firefox does when there IS an untrusted cert, and the URL contains an IPv6 address literal (e.g. https://[2001:470:3d:100::120]). There is a bug that prevents me from overriding the warning and saying "connect anyway". This works fine with an IPv4 address literal (I can tell it to connect anyway over IPv4). Also if the URL contains a domain name (e.g. https://www.sixscape.com) that happens to resolve to an IPv6. The problem is only when the URL contains an IPv6 address literal. This is easy to reproduce.

Also, there is no problem doing this in any version of IE.

Ti ṣàtúnṣe nípa lehughes