Comments on: Firefox 3 SSL certificate warnings.. confusing?

By: Mauricio

Mauricio — Mon, 30 Mar 2009 11:15:45 +0000

Well, at this time you can find Addons to disable this functionality on Firefox, however I don’t recommend it.

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1326622,00.html

Yes it’s so frustrating and I think that firefox should change the message appearance, the current looks like a fatal error!

By: Paul

Paul — Thu, 11 Dec 2008 18:38:43 +0000

Agreed. seems like the beginning of the end. I was very resistant in upgrading to FireFox 3 for this very reason. I work with a lot of networking equipment that have internal/private webservers, and most are accessed via SSL and they use self-signed certificates. Heck, even my linksys WRT54GS at home uses SSL now but uses a self-signed certificate. I have to deal with the “Add an Exception” dialog box at least once a day. It’s quite frustrating. I kept looking for an addon to disable this or make it easier to just accept and move on.

By: johnboy

johnboy — Sun, 13 Jul 2008 12:57:05 +0000

I came across your site because I am trying to find a way to disable this rubbish.

Certainly I expect a single dialogue box when a site is using an unsigned certificate with a Yes or No option to proceed.

While I like the speed improvements in FF3 and the Page Info screen, I have also spent a lot of time tweaking about:config to put other things back to how they were in FF2.

I really don’t like software treating me like I’m an idiot.

Maybe this is the beginning of the end.

By: verwilst

verwilst — Wed, 09 Jul 2008 08:10:56 +0000

At least until Mozilla includes the CaCert certificates by default idd.. Sure, you cannot be sure that you are talking to the party you want to with self-signed certificates, but at least your connection cannot be spied on by the rest of the world, which makes these warning way too harsh and restrictive imo.

By: Albert

Albert — Mon, 07 Jul 2008 07:51:54 +0000

Well, there has been no “GUI master” to “improve the situation”.

I wonder how much money Mozilla received from Verisign for this attempt to kill the use of self-signed certificates. This makes SSL unusable for small webmail sites, and forces them to pay some big foreign private corporation for the privilege of encryption.

And this is coming from an open source organization?

Can’t we do something about it?

By: Shane

Shane — Mon, 14 Apr 2008 21:21:23 +0000

I don’t like this functionality at all.

The core purpose behind SSL is encrypted data exchange, and is not about paying a certificate company to ‘trust’ you.

Self signed certificates serve a valid purpose. It is a shame that the new Firefox appears to be excluding self signed certificates as a way of establishing a secure connection.

By: Kristof Provost

Kristof Provost — Mon, 03 Mar 2008 20:30:07 +0000

I suspect it’s the usual “Microsoft does it so we should do it too.” meme.

I’d be upset if I didn’t use Opera.