Firefox 3 - security madness

Dear Firefox developers. Could you _please_ rethink the current braindead approach to security? Security is important, but the current design is diabolical. I realise that this sometimes changes (the Windows version seemed better last time I used it). The rant below applies to the latest version on Ubuntu Hardy. For example, I clicked on a link from Slashdot earlier today and was presented with this popup:

www.newsdesk.umd.edu uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not trusted.
(Error code: sec_error_untrusted_issuer) [OK]

Firstly, the explanation, whilst not bad, is still mumbo jumbo to 99% of web users. However, the _main_ problem and the point of this rant is the “OK” button. Currently I have to:
1. take a note of the site name
2. edit -> preferences
3. privacy tab (nope), security (nope), ah, _advanced_ tab
4. hunt around a bit more, oh “encryption” sub-tab
5. verification tab?, ah, no, “view certificates” tab (we aren’t viewing then, we are adding an exception)
6. server tab
7. click add exception
8. type in the address of the website
9. click “get certificate”
10. untick “permanently store” if desired
11. confirm security exception
12. close all those windows
13. reclick link

No, it’s not “OK” - it’s dreadful. With this I think Firefox will lose many, many users fairly rapidly.

What I want Firefox to do is to make clear what the security problem is and give me the choice of whether I:

  • trust Firefox and proceed no further (e.g. banking)
  • tell Firefox to add an exception (e.g. for a site I know, or the 50% of sites with self-signed certificates)
  • tell Firefox to ignore it ATM (e.g. for most other sites where I’m not really fussed - probably also self-signed certificates)

I think the best way to implement this might be in two steps. Firstly, ask me what I want to do - I suggest something like “Do you wish to ignore this warning and continue (not advised)?”:
  • No (default)
  • Yes

Then to make this _permanent_ either use one of those drop-down prompts (like the “remember password” one) or perhaps allow people to click on the padlock icon and add a permanent exception if they so wish.

Comments

Comment from Stephen O’Neill
Time: Wednesday 26 March, 2008, 08:22

Which beta is this - Windows Beta 4 has a link saying “Or you can add an exception…” which then has two buttons, “Get me out of here” and “Add an exception”. Clicking the latter takes you to “step 8” in your stuff above.

I’m surprised that Hardy is including FF3 - will FF3 be out of beta by then or are the Ubuntu guys going to be doing lots of custom work on stability?

Comment from adrian
Time: Wednesday 26 March, 2008, 20:20

It was a pretty recent one - after griping about it before (several months ago) I noticed that the Windows one had been substantially improved - you could click the “add an exception” button as you say, which takes 80% of the pain away (though you still have to click “get certificate” and then add the exception IIRC). I’m very much a DWIM (do what I mean) person - personally I want _very_ few “are you sure?” checks.

Just really annoyed it’s still so dreadful on Hardy :-(

I think FF3 is supposed to be released RSN. To be honest it’s been pretty robust, a few problems with websites, but no crashes for ages. It’s not all doom and gloom - it’s certainly faster.

Comment from Rob Cain
Time: Friday 18 April, 2008, 01:16

Mac beta 5 has the “add exception”… but honestly, it was bad enough when FF2 popped up with that security warning. I don’t think that’s necessary; I think a warning at the top of the window should be sufficient (“The web site you are viewing has a faulty certificate(!), click for details, add exception, ignore”). Anyone not smart enough to check the thing at the top of the window deserves to have their money lost.

Nothing is fool-proof to the sufficiently talented fool; therefore, make the product better for smart people and let the morons continue bottom-feeding because they can’t handle technology.

Comment from Rohit Thomas
Time: Thursday 29 May, 2008, 11:19

Fully agree with the author of this post: security enhancements are cool and much needed, but need to be intuitive too at the same time. End users like me, for e.g. after installing FF3, need to be able to go to the company’s internal website - no matter what - and if the IT department does not use the latest secure technologies, it’s for the company’s IT department to check and upgrade - not the end user’s prerogative… Please FF developers - make the necessary changes or else FF3 will lose to competition -

Comment from Maxine
Time: Thursday 29 May, 2008, 21:50

More support from me too. “Get me out of here” and “Add an exception” buttons would probably be a good solution, but they’ve not made it into rc1… This really does need resolving as it’s really not acceptable at the moment.

Comment from Herman
Time: Monday 23 June, 2008, 12:17

I personally think this is pathetic; things should be made more user friendly. Security is good, but eventually it will be such a pain doing anything with the way they are doing things. I think IE and Opera are doing it the correct way by giving you options on the page. I just battled to get my own sites allowed. My servers are managed with Webmin using self-signed certificates. The first time I tried to add the certificate Firefox told me it was an invalid certificate because the reply string was too long; luckily it worked the second time, but what a pain.

Comment from adrian
Time: Thursday 26 June, 2008, 19:07

Thanks to http://blog.madism.org/index.php/2008/06/26/177-firefox3-and-ssl we can have a bit more control over this, but WTF aren’t they the defaults?

In about:config set:

browser.ssl_override_behavior = 2
This will fetch the cert (rather than asking to click to download it, which is stupid - if you want it it means two clicks, if you don’t then cancel - besides, surely it’s downloaded the certificate already since it says it is insecure!)

browser.xul.error_pages.expert_bad_cert = true
Display the alert rather than staying on the previous page.

Comment from katmai
Time: Sunday 29 June, 2008, 15:03

I am having the same issue with my FF3. I have all the links bookmarked for the company intranet, but for me the confirm sec exception does not work at ALL !!! This is plain stupid.

Comment from Stephen Williams
Time: Tuesday 29 July, 2008, 13:39

Thank-you for the guidance and the humour.

Comment from Petrus
Time: Wednesday 30 July, 2008, 03:58

We ran FF3 in various betas, RC1 and now we are on 3.0.1 - and the problem is still there and as nasty as ever. Really, truly, this needs to be fixed and ought not to be too hard to fix.

Comment from George
Time: Thursday 28 August, 2008, 21:16

Well FF3 still hasn’t fixed this, but got where I needed w/IE8beta2 - in which someone must have read and has incorporated almost verbatim your suggestions for how to solve the problem.
Then Google Search (Firefox + “invalid security certificate”) found your step-by-step. Solved problem for FF. Thanks.
And who was the “unknown issuer” that FF didn’t like?
The DoD (Department of Defense)
Anyway, thanks for help. Leave your “rant” up as long as you can, to help the next poor lost soul.

Comment from adrian
Time: Thursday 28 August, 2008, 21:40

Oh well, shame that Mozilla seem to have developed such a superiority complex over their users :(

Like the latest stupidity:
http://www.smop.co.uk/blog/index.php/2008/08/25/congratulations-mozilla/

To think I was annoyed when they started putting in delays before you could open a download because of “security” concerns…

Comment from rusty
Time: Sunday 31 August, 2008, 01:16

Helped me, I’ve been looking around FF3 for how to add an exception for a while now.
THANKS

Comment from Scotch
Time: Tuesday 2 September, 2008, 08:19

Thanks - followed your instructions and sorted the problem out. I was trying to access my domain’s cPanel but kept getting the “not trusted” message. The hosting provider’s knowledgebase says:

“To get rid of this error message, on the bottom of the screen you should see a button that says, “Add Exception…”. Click that and another box should pop up. On that box, you should see the words “Add Security Exception”.

Click on the “Get Certificate” button and then make sure the check mark box for “Permanently store this exception” is checked. On the bottom of the popup window click on Confirm Security Exception. Now it will ask you to confirm. A new box pops up telling you the information must be resent to try to login again - click the “Resend” button and you are done.”

Only problem is there’s no button saying “Add Exception…” - I’m using FF 3.0.1. So I don’t know how or what you do to get this button showing. Would still mean jumping through some hoops, but fewer than the 13 steps above.

Comment from Russell
Time: Friday 5 September, 2008, 00:57

Thanks for this, even though I’m sure it’s not meant to be a “how to”, it acted as one for me. Thanks.

Comment from patrickdrd
Time: Monday 20 October, 2008, 07:37

Actually, after googling a lot, I found that the bank I work for puts her name on every certificate issuer!!!

i.e. when I enter ANY site, I get the error “issuer certificate is not trusted”, and it’s logical, since it shows that the issuer for that certificate is always the bank!

The only way to solve this is adding every https site under the bank issuer certificate, but is there a more “elegant” way of doing this?

Thanks in advance!

Comment from Harald Z.
Time: Thursday 23 October, 2008, 18:29

That was a hard-to-find setting. I even had to use IE to visit a site, while wondering where the heck I can add an exception like in IE.
Thanks.

Comment from dqj
Time: Sunday 23 November, 2008, 23:51

In any case, your instructions were very helpful. I am now able to get on with my development because I was stymied by a certificate on a development server I didn’t care about. It would have taken me hours, if not days, to find that path through the preferences! Thank you!
