Outdated SSL Certificate for https://www.gnucash.org
John Ralls
jralls at ceridwen.us
Thu Jun 16 10:08:39 EDT 2016
> On Jun 16, 2016, at 1:47 AM, Xavier Lagraula <detunizedgravity at gmail.com> wrote:
>
> Hm. No. This is not what I meant. I am well aware of the arguments you are
> making here. My problem is not that I trust my browser more than my own
> judgment. My problem is that I know no practical and reasonable way to
> apply my judgement, and I must make do with what my browser will allow.
>
> To be precise I have tried with both the latest stable versions of FF and
> Edge, and neither allowed me to set an exception in the usual way. Maybe I
> could have lowered my security settings, but I question the relevance of
> such a choice. The fact that *I*, as an I.T. security consultant, may be
> able to find how to do it and live with the consequences, does not
> necessarily make it a reasonable course of action for everyone.
Haven't tried this in Edge, but it definitely works in FF:
Click in the address bar. The URL will be expanded for editing. Move to the left end of the URL and change 'https:' to 'http:'. Press Enter.
No exception required, it opens the URL unencrypted and there is therefore no certificate check.
I'll check again in a bit but I don't think that there are any internal https: links in www.gnucash.org. As I said earlier there's nothing there that needs encrypting. There is a bit of a problem with recently released editions of most browsers that default to using https, but it's not hard to override as I describe above.
As for adding an exception in FF, click Advanced on the Warning page. That extends the box with details of why the certificate was rejected and includes an "Add and Exception" button on the bottom. Click that, a dialog box opens with a "Confirm Security Exception". Click that, done.
Regards,
John Ralls
More information about the gnucash-user
mailing list