Override to accept invalid certificates missing



  • It appears Vivaldi has certificate issues and has removed the ability to override invalid/bad certificates.

    Trying to access https://www.defensetravel.dod.mil/site/bahCalc.cfm

    • Vivaldi (running latest snapshot 1525.37) shows invalid certificate.

    • Chrome (running latest official and tested the latest beta) accesses the site without issue.

    • Firefox (running latest version) states the certificate is invalid, but has the ability to override.

    Since Vivaldi is based on Chromium the same as Chrome, why is it having trouble accessing the site when Chrome doesn't? Why isn't there an override?

    And yes, I know about the whole Symantec thing, but that has passed since last year and is evident by the fact Chrome doesn't have an issue.

    So, any ideas on how to get the override back or get the site to work as it has proven to in other browsers?

    Not that all the UI stuff isn't nice to have, but it isn't needed and it seems too much focus is being put on that (such as the completely unnecessary and useless Razor Chroma, something practically no one has) and not enough on making truly functioning browser (I've submitted 3 bugs, 2 of which are minor, thus far with only one receiving a reply thus far... and yes, I know there are more pressing bugs to deal with).

    I believe the Vivaldi team can make one of the best browsers out there, but not if they waste time on unnecessary things and especially not if they regress (thus falling behind other browsers) on various other things in the process.



  • @cmstazan Yes, so many important issues to address, but at least this one has been fixed.

    Click on the Advanced button, then proceed to the site.

    0_1557722508232_Proceed.png



  • @Pesala Sorry, but no.

    0_1557722751938_2019-05-12 23.45.28 www.defensetravel.dod.mil 8015d1a10ed1.png



  • @cmstazan I tested in the latest snapshot and in 2.5 Stable. Both work for me.

    0_1557722965358_DTMO.png


    Specs: AMD A10-6800K, 8 Gb on Win 10 64-bit 1809 build 17763.475 • Snapshot 2.5.1525.37 (64-bit)

    What are you privacy settings? These are mine, and I do not block Third-party Cookies.

    0_1557723107323_Privacy.png



  • @Pesala I've tried adjusting settings, including with full and without any form of blocking/filtering. Tried in private browser mode on both full install and standalone install (which there appears to be a drastic functionality difference between the two). Tried with and without VPN. Tried on multiple computers, including a linux machine.

    Results are the same, site is inaccessible.

    Third-party cookies mean nothing when there are none. It is a government-DOD website after all.

    As for system specs:

    • i7-6600U

    • 16 gb

    • Win 10 pro x64 1809 (same build)


  • Moderator

    Hi @cmstazan

    The difference is that the screenshot from @Pesala shows an invalid issuing authority, but the certificate itself is fine.

    In your example, the certificate is simply invalid. You should contact the webmaster to fix this.

    You can see this by comparing the errors codes in the screenshots.


  • Moderator

    This site has problem on all browsers (Firefox, Chrome, Edge, Vivaldi, Opera) showing that the certificate is invalid, has unknown signer.

    Please contact webmaster/owner of the site.
    There is a certificate of DoD Root CA 3 on the PC missing.

    Untested:
    Goto https://iase.disa.mil/pki-pke/Pages/tools.aspx
    Hit Esc to get away from login popup
    Download InstallRoot 5.2: NIPR Windows Installer
    https://iasecontent.disa.mil/pki-pke/unclass-rg-installroot_5_2_niprnet_user_guide.pdf
    May be for your OS PKI CA Certificate Bundles: PKCS#7 may be useful (uncompress and add the certificates to you OS)



  • @Gwen-Dragon Except, it is accessible in Chrome and Firefox on my end.

    The main issue on this post isn't the certificate, it is there is no way to override in Vivaldi for this issue, which is ridiculous.

    I don't particularly care to install government software on my machines. It is one thing to use a government, another entirely different thing to actually install their stuff.



  • @LonM Yes, but where is the override to get around it? That is the main issue: that there is no override (going an hunting down certificates is not a solution). I don't care about the certificate, nothing important can or is being entered onto that site, it is merely a lookup page. Because of that, the specific page doesn't technically really need a certificate at all. But regardless of that, there should always be an override.

    Contacting webmasters isn't the simplest nor the most reliable thing out there, especially government ones.


  • Moderator

    @cmstazan I'm not sure. Trying the link just now, I get the option to bypass the warning.

    Do you have any 3rd party software installed on your machine or network that might be interfering? Maybe if you do, they don't recognise vivaldi and think it is malware so are messing with the connection.


  • Moderator

    @cmstazan said in Override to accept invalid certificates missing:

    The main issue on this post isn't the certificate, it is there is no way to override in Vivaldi for this issue

    I can visit the site without installing a certificate, i can hit Proceed after certificate warning. Checked on Windows and Linux, with 2.5 Snapshot, 2.5 Stable and Internal version.

    May be your Internet Security or Antivirus scanning/breaking something on SSL?



  • @LonM @Gwen-Dragon Besides basic internet security suite (antivirus, firewall, malware protection), nothing that would interfere, Vivaldi is green-lit in it and nothing in the logs.


 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.