[Solved] Mozilla Light Problems with Secure Sites

Message

johnywhy · #1 Post by **johnywhy** » Tue 31 Jul 2018, 17:17

Mozilla Light on xtahr works great EXCEPT with certain secure sites. Authenticated Google sites especially won't load, even after i accept all certs.

Any fixes?

peebee · #2 Post by **peebee** » Tue 31 Jul 2018, 18:50

johnywhy wrote:Mozilla Light on xtahr works great EXCEPT with certain secure sites. Authenticated Google sites especially won't load, even after i accept all certs.

Any fixes?

I fixed this for Light on UupBB - see:
http://murga-linux.com/puppy/viewtopic. ... 974#987974

by adding a predefined profile with a new cert authority.....I can probably point you to the files within the UpupBB .iso.....

johnywhy · #3 Post by **johnywhy** » Tue 31 Jul 2018, 19:26

peebee wrote:adding a predefined profile with a new cert authority

awesome!

Fix 1 (Google sites only)

Click the link below. That will cause Light to import the new google cert automatically:

https://secure.globalsign.net/cacert/Root-R2.crt

more info here:

https://textslashplain.com/2017/10/23/g ... hority-g3/

Google sites load now, np. Great!

thx!

johnywhy · #4 Post by **johnywhy** » Tue 31 Jul 2018, 19:42

more fixes below. Let us know what works for you.

a_salty_dogg · #5 Post by **a_salty_dogg** » Tue 31 Jul 2018, 19:59

I had this exact problem in Tahr 6.03 (Light 49 refused to load all Google-owned sites).

Fixed it by by exporting the following certificates from a different browser's Certificates Manager (I used Palemoon) from "Preferences > Advanced > Certificates > View Certificates > Authorities" and then importing them into Light...

GoogleInternetAuthorityG2.crt
GoogleInternetAuthorityG3.crt

Don't know if I did the right thing, or if it's safe, but it worked!

johnywhy · #6 Post by **johnywhy** » Tue 31 Jul 2018, 20:29

another solution that might work, haven't tried it yet:

Open this chrome URI by pasting or typing this URI in the location/address bar to open the window to check the certificate:

chrome://pippki/content/exceptionDialog.xul

In the location field enter the URL of the website

retrieve the certificate via the "Get certificate" button
inspect the certificate via the "View..." button

https://support.mozilla.org/en-US/questions/1205401

johnywhy · #7 Post by **johnywhy** » Tue 31 Jul 2018, 20:34

yet another possible fix. This seemed to give me access to https://mozilla, tho' the pages look funny:

1. exit browser
2. in file manager, go to
/root/.light/light/
3. open profile folder (long number)
4. delete prefs.js
5. restart browser

johnywhy · #8 Post by **johnywhy** » Tue 31 Jul 2018, 20:36

and another possible fix:

1. Open Firefox's about:config
2. Set security.tls.insecure_fallback_hosts = www.domain.com (substitute the domain you're having the problem with)
3. Reload the page. May need to restart browser.

https://superuser.com/a/916880

johnywhy · #9 Post by **johnywhy** » Tue 31 Jul 2018, 20:39

another!

temporarily disable SSL in webmin by setting ssl=0 in /etc/webmin/miniserv.conf and restart webmin with "/etc/init.d/webmin restart". Just login to the Webmin web UI and select: Webmin -> Webmin Configuration -> SSL Encryption -> Self Signed Certificate. Fill in the form (or leave the defaults) and then click the Create Now button. If you temporarily disabled ssl enable it with ssl=1 in /etc/webmin/miniserv.conf and restart webmin with "/etc/init.d/webmin restart".

https://superuser.com/a/827954

johnywhy · #10 Post by **johnywhy** » Tue 31 Jul 2018, 20:55

yet another:

1. Install Firefox addon from https://addons.mozilla.org/en-US/firefo ... /versions/
2. Give a hostname cisco or anything as you may deem fine to IP 192.168.1.100 in hosts file
3. Access https://cisco in the Firefox browser
4. On the Certificate Error Page Look for a Red Perspectives Icon on the Right Hand Lower Corner of Firefox browser window.
5. Right Click on the Icon and Choose Add to WhiteList
6. Confirm Adding to Whitelist in the Dialog Box.

https://www.experts-exchange.com/questi ... refox.html

johnywhy · #11 Post by **johnywhy** » Tue 31 Jul 2018, 21:06

a_salty_dogg wrote:Fixed it by by exporting the following certificates from a different browser

this page says to use DER format
https://support.mozilla.org/en-US/questions/1068675

johnywhy · #12 Post by **johnywhy** » Tue 31 Jul 2018, 21:14

might be useful:

"This preference enables some extra UI on the SSL error page that makes it easier to accept an invalid certificate."

1. go to about:config
2. search for bad_cert
3. set this setting to true:
browser.xul.error_pages.expert_bad_cert

http://kb.mozillazine.org/Browser.xul.e ... t_bad_cert

a_salty_dogg · #13 Post by **a_salty_dogg** » Tue 31 Jul 2018, 22:09

johnywhy wrote:
this page says to use DER format

Nope, they definitely exported (and imported to Light) as .crt files. Maybe Windoze is different?

I'd kept them in a folder in case I may need them again for the same reason in any other of my Puppys and checked it before I posted for you.

Many thanks for all the alternative solutions which you found (probably all more legitimate than my rough and ready home-made one too

)
Bookmarked the thread should I ever need them.

(old)Puppy Linux Discussion Forum

(old)Puppy Linux Discussion Forum

[Solved] Mozilla Light Problems with Secure Sites

[Solved] Mozilla Light Problems with Secure Sites

Re: Mozilla Light Problems with Secure Sites on xtahr

Re: Mozilla Light Problems with Secure Sites on xtahr

Re: Mozilla Light Problems with Secure Sites on xtahr