Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
Nik.
On Tuesday 08 November 2011 10:08:38 Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
I had this problem frequently with 3.5.12, it went away after update to 3.5.13 - are you sure your konqueror is up-to-date ?
werner
Am Dienstag, 8. November 2011 schrieb Werner Joss:
On Tuesday 08 November 2011 10:08:38 Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
I had this problem frequently with 3.5.12, it went away after update to 3.5.13 - are you sure your konqueror is up-to-date ?
werner
defintly 3.5.13. it's reproduceable with david's live-cd from http://exe-linux.fastfishwebsolutions.com/tde/
nik
On 08/11/11 16:35, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Werner Joss:
On Tuesday 08 November 2011 10:08:38 Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
I had this problem frequently with 3.5.12, it went away after update to 3.5.13 - are you sure your konqueror is up-to-date ?
werner
defintly 3.5.13. it's reproduceable with david's live-cd from http://exe-linux.fastfishwebsolutions.com/tde/
nik
Strange I can't reproduce that with either the live-cd or my normal installations.... trying the url you mention, konq just opens it normally (except it wants flash if not present)
But check them out here: http://www.digicert.com/help/ I get 2 different results in different iceweasel tabs, one is ok, one says "Certificate does not match name"
David
Am Dienstag, 8. November 2011 schrieb David Hare:
On 08/11/11 16:35, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Werner Joss:
On Tuesday 08 November 2011 10:08:38 Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
I had this problem frequently with 3.5.12, it went away after update to 3.5.13 - are you sure your konqueror is up-to-date ?
werner
defintly 3.5.13. it's reproduceable with david's live-cd from http://exe-linux.fastfishwebsolutions.com/tde/
nik
Strange I can't reproduce that with either the live-cd or my normal installations.... trying the url you mention, konq just opens it normally (except it wants flash if not present)
But check them out here: http://www.digicert.com/help/ I get 2 different results in different iceweasel tabs, one is ok, one says "Certificate does not match name"
David
Sorry, I missed an "s". The test-URL is https://www.ba-ca.at/ Could you please retry?
Nik
In article 201111081951.18196.office@klepp.biz, Mag. Dr. Nikolaus Klepp trinity-users@lists.pearsoncomputing.net wrote:
Am Dienstag, 8. November 2011 schrieb David Hare:
On 08/11/11 16:35, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Werner Joss:
On Tuesday 08 November 2011 10:08:38 Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
I had this problem frequently with 3.5.12, it went away after update to 3.5.13 - are you sure your konqueror is up-to-date ?
werner
defintly 3.5.13. it's reproduceable with david's live-cd from http://exe-linux.fastfishwebsolutions.com/tde/
nik
Strange I can't reproduce that with either the live-cd or my normal installations.... trying the url you mention, konq just opens it normally (except it wants flash if not present)
But check them out here: http://www.digicert.com/help/ I get 2 different results in different iceweasel tabs, one is ok, one says "Certificate does not match name"
David
Sorry, I missed an "s". The test-URL is https://www.ba-ca.at/ Could you please retry?
Just tidying up my mailbox - I have checked this on 3.5.15.1 and it happens for me as you descibe. Base OS is Debian Squeeze+bpo. Myself I almost never store permanent exceptions so am not too hard hit by it (gives me a chance to rightously mutter about folk who haven't noticed their signer's signer's root certificate was cancelled last year due to compromise and thus breaking their validity chain), but I hope the report is still useful.
Nick
On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
Nik.
FWIW,
I get the same behavior you do.
Not sure what this means though, if a site does not have a valid cert, can you make it permanent?
Am Dienstag, 8. November 2011 schrieb Greg Madden:
On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
Nik.
FWIW,
I get the same behavior you do.
Not sure what this means though, if a site does not have a valid cert, can you make it permanent?
I can't make it permanent, that's the problem.
On 08/11/11 20:30, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Greg Madden:
On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
Nik.
FWIW,
I get the same behavior you do.
Not sure what this means though, if a site does not have a valid cert, can you make it permanent?
I can't make it permanent, that's the problem.
Popup box in konq here (using ssl.....) :
"The IP address of the host www.ba-ca.at does not match the one the certificate was issued to."
With iceweasel:
"This Connection is Untrusted"
so can't be a konqueror-specific issue, maybe it's the other end of the line?
Sorry can't check this in M$, gave that up several years back.
D
Am Dienstag, 8. November 2011 schrieb David Hare:
On 08/11/11 20:30, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Greg Madden:
On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again the dialog "server authentication ..." comes up.
Nik.
FWIW,
I get the same behavior you do.
Not sure what this means though, if a site does not have a valid cert, can you make it permanent?
I can't make it permanent, that's the problem.
Popup box in konq here (using ssl.....) :
"The IP address of the host www.ba-ca.at does not match the one the certificate was issued to."
With iceweasel:
"This Connection is Untrusted"
so can't be a konqueror-specific issue, maybe it's the other end of the line?
Sorry can't check this in M$, gave that up several years back.
YOu misunderstand my point: The problem is not that the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." appears. In fact, that's what it is supposed to do. The problem is, that konqueror does not store the certificate so that I do not get that messagebox again.
When you click "Continue" on the messagebox, then the next messagebox appears saying:
"Would you like to accept this certificate forever without being prompted?"
Click "Forever" and close konqueror. At this point the site certificate should have been saved to ~/.trinity/share/config/ksslpolicies - but it is not.
Now restart konqueror, go to the same address as before and you get the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." - which should not appear as the site certificate should have been stored in ~/.trinity/share/config/ksslpolicies.
This problem is quite anoying, as it appears on all self certified sites and sites.
Nik
D
To unsubscribe, e-mail: trinity-users-unsubscribe@lists.pearsoncomputing.net For additional commands, e-mail: trinity-users-help@lists.pearsoncomputing.net Read list messsages on the Web archive: http://trinity-users.pearsoncomputing.net/ Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
Am Dienstag, 8. November 2011 schrieb David Hare:
On 08/11/11 20:30, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Greg Madden:
On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp
wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again
the
dialog "server authentication ..." comes up.
Nik.
FWIW,
I get the same behavior you do.
Not sure what this means though, if a site does not have a valid
cert,
can you make it permanent?
I can't make it permanent, that's the problem.
Popup box in konq here (using ssl.....) :
"The IP address of the host www.ba-ca.at does not match the one the certificate was issued to."
With iceweasel:
"This Connection is Untrusted"
so can't be a konqueror-specific issue, maybe it's the other end of the line?
Sorry can't check this in M$, gave that up several years back.
YOu misunderstand my point: The problem is not that the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." appears. In fact, that's what it is supposed to do. The problem is, that konqueror does not store the certificate so that I do not get that messagebox again.
When you click "Continue" on the messagebox, then the next messagebox appears saying:
"Would you like to accept this certificate forever without being prompted?"
Click "Forever" and close konqueror. At this point the site certificate should have been saved to ~/.trinity/share/config/ksslpolicies - but it is not.
Now restart konqueror, go to the same address as before and you get the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." - which should not appear as the site certificate should have been stored in ~/.trinity/share/config/ksslpolicies.
This problem is quite anoying, as it appears on all self certified sites and sites.
Nik
And I can confirm the bug. Have you filed a bug report for this?
Tim
Am Dienstag, 8. November 2011 schrieb Timothy Pearson:
Am Dienstag, 8. November 2011 schrieb David Hare:
On 08/11/11 20:30, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Greg Madden:
On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp
wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again
the
dialog "server authentication ..." comes up.
Nik.
FWIW,
I get the same behavior you do.
Not sure what this means though, if a site does not have a valid
cert,
can you make it permanent?
I can't make it permanent, that's the problem.
Popup box in konq here (using ssl.....) :
"The IP address of the host www.ba-ca.at does not match the one the certificate was issued to."
With iceweasel:
"This Connection is Untrusted"
so can't be a konqueror-specific issue, maybe it's the other end of the line?
Sorry can't check this in M$, gave that up several years back.
YOu misunderstand my point: The problem is not that the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." appears. In fact, that's what it is supposed to do. The problem is, that konqueror does not store the certificate so that I do not get that messagebox again.
When you click "Continue" on the messagebox, then the next messagebox appears saying:
"Would you like to accept this certificate forever without being prompted?"
Click "Forever" and close konqueror. At this point the site certificate should have been saved to ~/.trinity/share/config/ksslpolicies - but it is not.
Now restart konqueror, go to the same address as before and you get the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." - which should not appear as the site certificate should have been stored in ~/.trinity/share/config/ksslpolicies.
This problem is quite anoying, as it appears on all self certified sites and sites.
Nik
And I can confirm the bug. Have you filed a bug report for this?
not yet, as I wanted to be sure it's not only my setup ;-)
Tim
To unsubscribe, e-mail: trinity-users-unsubscribe@lists.pearsoncomputing.net For additional commands, e-mail: trinity-users-help@lists.pearsoncomputing.net Read list messsages on the Web archive: http://trinity-users.pearsoncomputing.net/ Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
Am Dienstag, 8. November 2011 schrieb Timothy Pearson:
Am Dienstag, 8. November 2011 schrieb David Hare:
On 08/11/11 20:30, Mag. Dr. Nikolaus Klepp wrote:
Am Dienstag, 8. November 2011 schrieb Greg Madden:
On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp
wrote:
Could somebody please verify this?
Point konqueror to a site with unknown site certificate, e,g, http://www.ba-ca.at/
Now the dialog "server authentication ..." pups up.
Click on "Continue",
Next dialog, click on "Permanent".
Close konqeror. Open it again, point it to the same address. Again
the
dialog "server authentication ..." comes up.
Nik.
FWIW,
I get the same behavior you do.
Not sure what this means though, if a site does not have a valid
cert,
can you make it permanent?
I can't make it permanent, that's the problem.
Popup box in konq here (using ssl.....) :
"The IP address of the host www.ba-ca.at does not match the one the certificate was issued to."
With iceweasel:
"This Connection is Untrusted"
so can't be a konqueror-specific issue, maybe it's the other end of the line?
Sorry can't check this in M$, gave that up several years back.
YOu misunderstand my point: The problem is not that the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." appears. In fact, that's what it is supposed to do. The problem is, that konqueror does not store the certificate so that I do not get that messagebox again.
When you click "Continue" on the messagebox, then the next messagebox appears saying:
"Would you like to accept this certificate forever without being prompted?"
Click "Forever" and close konqueror. At this point the site certificate should have been saved to ~/.trinity/share/config/ksslpolicies - but it is not.
Now restart konqueror, go to the same address as before and you get the messagebox "The IP address of the host www.ba-ca.at does not match the one the certificate was issued to." - which should not appear as the site certificate should have been stored in ~/.trinity/share/config/ksslpolicies.
This problem is quite anoying, as it appears on all self certified sites and sites.
Nik
And I can confirm the bug. Have you filed a bug report for this?
did it, Bug 594 .
Tim
To unsubscribe, e-mail: trinity-users-unsubscribe@lists.pearsoncomputing.net For additional commands, e-mail: trinity-users-help@lists.pearsoncomputing.net Read list messsages on the Web archive: http://trinity-users.pearsoncomputing.net/ Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
-
David Hare -
Greg Madden -
Mag. Dr. Nikolaus Klepp -
Nick Leverton -
Timothy Pearson -
Werner Joss