This site can’t provide a secure connection
-
Some kit I have to use is "a tad old", and when I try to access it, I just get this message "This site can’t provide a secure connection" with no option to continue. I can understand offering a warning when the site only uses and old (and insecure) encryption method - but I still [b]NEED[/b] to use this site. It's kit about 10 feet from my desk, on my own network, and it does not have a non-SSL option. As I work in IT, this is actually fairly common, we have various bits of legacy kit that we need to work with - and it's well past "annoying" when the tools (Java is another one) simply turn round and tell you "No way, that's not secure" when it's something I [b]NEED[/b] to do. And no, upgrades for the kit are not available. A secondary issue, is where it's a certificate issue, am I missing something or is there no option to say "please remember this certificate and don't warn me again" ? This is the norm with things like customer routers were even if we could upload a valid cert, it's really not worthwhile for something we might not access again for a few years !
-
@Gwen-Dragon:
The problem seems to be the cipher for SSL on your kit? Or is it a unknown, self signed certificate?
Both I suspect - I know the cert is self signed, but normally that's a case of getting a popup that the identity can't be verified etc and I can carry on. This is different - no option to carry on.
Checking the site cert in Safari, it says the Signature Algorithm is SHA-1 with RSA Encryption
Perhaps you cant start Vivaldi with some insecure settings, that helped on my old router months before.
…
Dont visit any other sites with these insecure settings! in Web with such insecure SSL could be cracked and logins stolen.The problem there it just how much of a PITA is is to quit the browser, typically when I've got a load of other windows open, and then quit and relaunch later. Much much easier to just use another browser that "actually works".
-
Well I don't have Chrome installed and don't intend installing it.
On the upside, I've now found out how to pass command line args to a Mac applicationEDIT: But really, the issue comes down to a general message to the devs, it just isn't acceptable to declare <something>as insecure and not allowed when there are legitimate cases where that something is needed. Put up warnings, and even "are you really really sure" second warnings perhaps - but don't just block it and pretend it doesn't exist.</something>
-
@Gwen-Dragon:
The Chromium parameter was meant for Vivaldi Vivaldi can handle chrome:// URLs and Chromium parameters.
Ah, I see. I'll have to try it when I'm in a mood for closing all the session I have open.
Dont blame the Vivaldi devs, they did not implement the security for SSL, thats a problem of Chromium coders.
Ah, I hadn't realised it was the Chrome engine - that explains it since they've gone down the route of "Security trumps needs" since it would seem some people live in an ideal world where every server is capable of being updated. I've found a few threads describing exactly the same problem.
Guess I'll just have to use a browser (built on an engine) that workshttps://productforums.google.com/forum/#!topic/chrome/exlnC6aoHZY
https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/F6ZjP6FnyRE/bK7TKtvnHYsJI could live with nag messages to have to click through each time - I doubt if web sites would get away with telling users to keep ignoring security warnings for long.
-