permanently store this exception un checked in 44.02
When I go to the website "login.sheridanc.on.ca" sheridan college email I get the message "Your connection is not secure" I then go to "advanced" then "add exception.." and uncheck "permanently store this exception " I then can access the web site. But when I close and reopen the browser I expect that I should get the same error message "Your connection is not secure" since I have not saved the exception but the site login.sheridanc.on.ca works with no not secure error. Can anyone tell me why?
All Replies (9)
You can click the View button to inspect the certificate in the certificate viewer and check the issuer and other details.
The question has nothing to do with the issuer of the certificate. Firefox has identified the site as not trusted. Why has the message disappeared? I am using firefox 44.02 sha256 311f4114ab6159ec6b2795d43d787f292236cdb92d89a400f9b617cca60d9515
Note that you can't store a permanent exception when you are in Private Browsing mode, so check that.
Firefox automatically stores intermediate certificates that servers send in the Certificate Manager for future use. Stored intermediate certificates show as "Software Security Device" in the "Security Device" column in the Certificate Manager. A server needs to send the full certificate chain that includes all required intermediate certificates. If a server doesn't send a full certificate chain then you wouldn't get an untrusted error if Firefox has stored missing intermediate certificates by visiting a server in the past that has send this certificate, but you do get an untrusted error if this intermediate certificate isn't stored yet.
You can save the intermediate certificate data I posted below to a file named GeoTrustDVSSLCA-G4.crt and install the certificate via "File > Open File" of "Firefox menu button > New Tab > Open File". Do NOT check off any of the trust boxes as those are only required for root certificates and not for intermediate certificates.
-----BEGIN CERTIFICATE----- MIIERDCCAyygAwIBAgIDAjp4MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTQwODI5MjIyNDU4WhcNMjIwNTIwMjIyNDU4WjBmMQswCQYDVQQG EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMURG9tYWluIFZh bGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBDQSAtIEc0MIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30GUetr35DFDtuoBG1zOY+r6 baPZau4tmnX51ZxbvTTf2BzJbdgEiNputbe18DCuQNZd+sRTwdQinQROEaaV1UV8 QQVY4Ezd+e5VvV9G3K0TCJ0s5PeC5gcrng6MNKHOxKHggXCGAAY/Lep8myiuGyiL OQnT5/BFpLG6EWeQVXuP3u04XKHh44PEw3KRT5juHMKAqmSlPoNiHMzgnvhawBMS faKni6PnnyrXm8rL7ZcBnCiEUQRQQby0/HjpG88U6h8P/C4BMo22NcsKGDvsWj48 G9OZQx4v973zWxK5B17tPtGph8x3cifU2XWiY0uTNr3lXNe/X3kNszKnC7JjIwID AQABo4IBHTCCARkwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4wHQYD VR0OBBYEFAtQ7HfvKpv/7AOhCv+txuQqGMc+MBIGA1UdEwEB/wQIMAYBAf8CAQAw DgYDVR0PAQH/BAQDAgEGMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9nLnN5bWNi LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUH MAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYw MzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2Vz L2NwczANBgkqhkiG9w0BAQsFAAOCAQEAMyTVkKopDDW5L8PHQpPAxhBLAwh2hBCi 4OdTEifyCtp/Otz9XHlajxd0Q1Ox1dFdWbmmhGTK8ToKWZYQv6mBV4tch9x/4+S7 BXqgMgkTThCBKB+cA2K89AG1KYNGB7nnuF3I6dHdrTv4NNvB0ZWpkRjtPCw3EU3M /lM+UEP5w1ZBrFObbAWymuLgWVcwMrYmThMlzfpIcA91VWAR9TvVXlo8i1sPD2JC SGGFixD0wYi/f1+KwtfNK5RcHzRKCK/rromoSHVVlR27wJoBufQDIj7U5lIwDWe5 wJH9LUwwjr2MpQSRu6Srfw/Yb/BmAMmjXPWwj4PmnFrmtrnFvL7kAg== -----END CERTIFICATE-----
Modified
'I do not want to save the certificate'. Firefox is automatically saving the non secure certificate.
It shouldn't be necessary to create a permanent exception in cases where a web server doesn't send a complete certificate chain and it is never recommended to create permanent exceptions anyway because the server should fix this on their server.
What I posted above is the code of the missing intermediate certificate that the server should have send. Firefox stores such an intermediate certificate automatically when you visit a website then sends them. You appear not to have visited a server in the past that sends this specific certificate and that is why you will see this error message.
You can contact the website and ask them to install the missing intermediate certificate.
I have contacted the web site for http://login.sheridanc.on.ca/ and they do have a certificate error which Sheridan college has admitted and is investigating.
When I open this site firefox remembers this site as if I saved it permanently instead of displaying the error message everytime I visite the site. I have not saved anything. Firefox 44.02 on a Mac remembers and no longer shows the certificate error.
If you created a permanent exception then you will have to remove this exception to make Firefox use the certificate that the server sends. You should find this exception under the Servers tab in the Certificate Manager.
- Tools > Options > Advanced > Certificates: View Certificates
Do not remove other exceptions that show there.
If you read my post I have not created a permanent exception. also if I look at my certificates it is empty.
Modified
I didn't get the right kind of error page on that server, but did get an error on a related server. When I created a non-permanent exception, it showed up in the Certificate Manager, Servers tab, with its actual expiration date rather than an indication of when Firefox plans to expire the temporary exception. (Screen shot attached for comparison.)
When I exited Firefox and started it up again, the temporary exception was gone. I don't know whether it was cleaned out during shutdown or during startup.
In case it's relevant, I do NOT have Firefox set to clear history at shutdown.