Caută ajutor

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Află mai multe

Acest fir de discuție a fost arhivat. Adresează o întrebare nouă dacă ai nevoie de ajutor.

No option to ignore a warning and access the page

more options

I just discovered Firefox is worse than Internet Explorer. I need your help to fix that.

Here's the deal. A website has a certificate that expired not so long ago. It's my friend's website, I know everything is fine and safe, but he can't update the certificate since he's gone afk for a few months. And yet, Firefox won't let me access the site, because oh my god certificate expired.

Well, if I go to the same address in Internet Explorer, it shows a similar warning, with 2 options: - to close the site - to proceed at my own risk

So, where in Firefox is the button that lets me proceed (just this once)? Um, nowhere. And I can't add an exception to this certificate either. So as a result I can do more with Internet Explorer than I can with Firefox. Wow.

How do I tell Firefox it can stop treating me like a clueless 3-year-old, because I know what I'm doing? Where is the "no need to protect me from myself" checkbox that would enable more options?

I just discovered Firefox is worse than Internet Explorer. I need your help to fix that. Here's the deal. A website has a certificate that expired not so long ago. It's my friend's website, I know everything is fine and safe, but he can't update the certificate since he's gone afk for a few months. And yet, Firefox won't let me access the site, because oh my god certificate expired. Well, if I go to the same address in Internet Explorer, it shows a similar warning, with 2 options: - to close the site - to proceed at my own risk So, where in Firefox is the button that lets me proceed (just this once)? Um, nowhere. And I can't add an exception to this certificate either. So as a result I can do more with Internet Explorer than I can with Firefox. Wow. How do I tell Firefox it can stop treating me like a clueless 3-year-old, because I know what I'm doing? Where is the "no need to protect me from myself" checkbox that would enable more options?
Capturi de ecran atașate

Soluție aleasă

As you see in the error text, the server requires HTTPS -- this is called HSTS. Firefox learned this on a previous visit to the site and saved the instruction. I'm surprised that IE didn't observe the instruction, but perhaps it doesn't support this feature or you hadn't visited the server in IE before.

HSTS instructions are saved in a file you can open -- it's plain text -- and edit. Or you can hide/remove the whole file and Firefox will start accumulating that information again as you browse. Ready to get started?

Open your current Firefox settings (AKA Firefox profile) folder using either

  • "3-bar" menu button > "?" Help > Troubleshooting Information
  • (menu bar) Help > Troubleshooting Information
  • type or paste about:support in the address bar and press Enter

In the first table on the page, click the "Open Folder" button. This should launch a new window listing various files and folders in Windows Explorer.

Leaving that window open, switch back to Firefox and Exit, either:

  • "3-bar" menu button > "power" button Exit
  • (menu bar) File > Exit

Pause while Firefox finishes its cleanup, then find the file SiteSecurityServiceState.txt which contains HSTS instructions.

Option 1:

Open the file in a text editor, find the line for the server, and delete that line. When saving the file, make sure it remains a plain text file.

Option 2:

Right-click > Rename the file to something like SiteSecurityServiceStateOLD.txt just in case you need something from it later.

Start Firefox back up again, and you should be able to access the site using HTTP instead of HTTPS.

Citește acest răspuns în context 👍 1

Toate răspunsurile (8)

more options

Try this security.pki.distrust_ca_policy 1 works for me since, Nightly has started to distrust certificates.

more options

Tried that just now: 1. went to about:config 2. found out it's already set to 1 3. switched to 0 4. still no option to continue at my own risk

(also: I'm not on Nightly, I'm using the recommended stable version - 61.0.2 at the moment)

more options

What does the blue button at the bottom say? And the other one?

more options

FredMcD said

What does the blue button at the bottom say?

Go back to the previous page

And the other one?

Advanced

more options

Soluție aleasă

As you see in the error text, the server requires HTTPS -- this is called HSTS. Firefox learned this on a previous visit to the site and saved the instruction. I'm surprised that IE didn't observe the instruction, but perhaps it doesn't support this feature or you hadn't visited the server in IE before.

HSTS instructions are saved in a file you can open -- it's plain text -- and edit. Or you can hide/remove the whole file and Firefox will start accumulating that information again as you browse. Ready to get started?

Open your current Firefox settings (AKA Firefox profile) folder using either

  • "3-bar" menu button > "?" Help > Troubleshooting Information
  • (menu bar) Help > Troubleshooting Information
  • type or paste about:support in the address bar and press Enter

In the first table on the page, click the "Open Folder" button. This should launch a new window listing various files and folders in Windows Explorer.

Leaving that window open, switch back to Firefox and Exit, either:

  • "3-bar" menu button > "power" button Exit
  • (menu bar) File > Exit

Pause while Firefox finishes its cleanup, then find the file SiteSecurityServiceState.txt which contains HSTS instructions.

Option 1:

Open the file in a text editor, find the line for the server, and delete that line. When saving the file, make sure it remains a plain text file.

Option 2:

Right-click > Rename the file to something like SiteSecurityServiceStateOLD.txt just in case you need something from it later.

Start Firefox back up again, and you should be able to access the site using HTTP instead of HTTPS.

more options

I forgot to mention, but you might already know, that Windows hides certain file extension like .txt by default. When renaming files, I suggest setting Windows to show all file extensions: https://www.bleepingcomputer.com/tutorials/how-to-show-file-extensions-in-windows/

more options

jscher2000 said

As you see in the error text, the server requires HTTPS -- this is called HSTS. Firefox learned this on a previous visit to the site and saved the instruction. I'm surprised that IE didn't observe the instruction, but perhaps it doesn't support this feature or you hadn't visited the server in IE before. HSTS instructions are saved in a file you can open -- it's plain text -- and edit. Or you can hide/remove the whole file and Firefox will start accumulating that information again as you browse. Ready to get started? Open your current Firefox settings (AKA Firefox profile) folder using either
  • "3-bar" menu button > "?" Help > Troubleshooting Information
  • (menu bar) Help > Troubleshooting Information
  • type or paste about:support in the address bar and press Enter
In the first table on the page, click the "Open Folder" button. This should launch a new window listing various files and folders in Windows Explorer. Leaving that window open, switch back to Firefox and Exit, either:
  • "3-bar" menu button > "power" button Exit
  • (menu bar) File > Exit
Pause while Firefox finishes its cleanup, then find the file SiteSecurityServiceState.txt which contains HSTS instructions. Option 1: Open the file in a text editor, find the line for the server, and delete that line. When saving the file, make sure it remains a plain text file. Option 2: Right-click > Rename the file to something like SiteSecurityServiceStateOLD.txt just in case you need something from it later. Start Firefox back up again, and you should be able to access the site using HTTP instead of HTTPS.

It did the trick, but in a different way than I expected. I expected a warning screen, but this time with a button to proceed on my own risk. Nope - it just entered the site, no warning whatsoever. Interesting. I don't much care for the lack of warning here (since it's my friend's site and I trust it), but it would be nice to have a warning for other sites I don't know, when something is off.

So although I'm somewhat baffled with the result, your method worked like a charm - thanks a bunch. You're a commendable human being :)

(I also love how you gave 2-3 options for everything, ranging from most simple/noob friendly, all the way to the fastest, but less suitable for beginners.)

Modificat în de Artur

more options

Hi arturbobik, what I would expect is: