Yes, i had email checked only. No restart needed.
www.authorize.net certificate warning in Pale Moon
Moderator: trava90
Forum rules
Please always mention the name/domain of the website in question in your topic title.
Please one website per topic thread (to help keep things organized). While behavior on different sites might at first glance seem similar, they are not necessarily caused by the same.
Please try to include any relevant output from the Toolkit Error Console or the Developer Tools Web Console using the following procedure:
Please always mention the name/domain of the website in question in your topic title.
Please one website per topic thread (to help keep things organized). While behavior on different sites might at first glance seem similar, they are not necessarily caused by the same.
Please try to include any relevant output from the Toolkit Error Console or the Developer Tools Web Console using the following procedure:
- Clear any current output
- Navigate or refresh the page in question
- Copy and paste Errors or seemingly relevant Warnings into a single [ code ] block.
-
Veit Kannegieser
- Moonbather
- Posts: 54
- Joined: 2019-03-23, 19:16
-
mmouse
- Moonbather
- Posts: 66
- Joined: 2019-02-13, 06:47
Re: www.authorize.net certificate warning in Pale Moon
@Veit Kannegieser
Yes you are right here, I should have written something more complicated according to what I saw, that is, when checking 'web sites' it's never necessary to restart browser, but when unchecking it I had to restart the browser to see a difference, maybe because of caching. As this was complicated and I did not want to take the time to investigate it and shave yet another yakk, I preferred to stay on the safe side and advise to restart the browser.
BTW, this is posted used the latest Palemoon code (./mach run) and the problem is solved here, all problematic sites mentioned here open without this problem. I'm sure that the maintainer tested it just as well, but as he did not say that it will be solved in next release, I'm saying it (unless circonstances force to unroll the unrolling of the unroll, of course, but it's unlikely).
Yes you are right here, I should have written something more complicated according to what I saw, that is, when checking 'web sites' it's never necessary to restart browser, but when unchecking it I had to restart the browser to see a difference, maybe because of caching. As this was complicated and I did not want to take the time to investigate it and shave yet another yakk, I preferred to stay on the safe side and advise to restart the browser.
BTW, this is posted used the latest Palemoon code (./mach run) and the problem is solved here, all problematic sites mentioned here open without this problem. I'm sure that the maintainer tested it just as well, but as he did not say that it will be solved in next release, I'm saying it (unless circonstances force to unroll the unrolling of the unroll, of course, but it's unlikely).
-
Moonchild
- Pale Moon guru
- Posts: 37747
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: www.authorize.net certificate warning in Pale Moon
As a TL;DR here:
What happened is that the trust for the AAA root certificate was revoked for web authorization. Because this broke sites, mainstream moved the trust anchor to the intermediate certificate directly below it (the ssl.com one) by including it in the trust store; because it's in the trust store, the browser will treat it as an authority to be explicitly trusted as an anchor for trust. I've included the intermediate with the previously updated data and it solves the issues because a new (shorter) trust chain is established explicitly for ssl.com -- this does break with the trust model used for certificates by treating an intermediate CA as a pseudo-root, and I don't agree with this exception made for ssl.com instead of properly establishing the root-intermediate(s)-server-client trust chain, but it is what it is.
Yes, this solution will be in the next release of Pale Moon.
What happened is that the trust for the AAA root certificate was revoked for web authorization. Because this broke sites, mainstream moved the trust anchor to the intermediate certificate directly below it (the ssl.com one) by including it in the trust store; because it's in the trust store, the browser will treat it as an authority to be explicitly trusted as an anchor for trust. I've included the intermediate with the previously updated data and it solves the issues because a new (shorter) trust chain is established explicitly for ssl.com -- this does break with the trust model used for certificates by treating an intermediate CA as a pseudo-root, and I don't agree with this exception made for ssl.com instead of properly establishing the root-intermediate(s)-server-client trust chain, but it is what it is.
Yes, this solution will be in the next release of Pale Moon.
"A dead end street is a place to turn around and go into a new direction" - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite