trinity-users@lists.pearsoncomputing.net

Message: previous - next
Month: November 2011

Re: [trinity-users] 3.5.13: konqueror cannot save site certificates

From: "Timothy Pearson" <kb9vqf@...>
Date: Tue, 8 Nov 2011 16:28:23 -0600
> Am Dienstag, 8. November 2011 schrieb David Hare:
>> On 08/11/11 20:30, Mag. Dr. Nikolaus Klepp wrote:
>> > Am Dienstag, 8. November 2011 schrieb Greg Madden:
>> >> On Tuesday 08 November 2011 12:08:38 am Mag. Dr. Nikolaus Klepp
>> wrote:
>> >>> Could somebody please verify this?
>> >>>
>> >>> Point konqueror to a site with unknown site certificate, e,g,
>> >>> http://www.ba-ca.at/
>> >>>
>> >>> Now the dialog "server authentication ..." pups up.
>> >>>
>> >>> Click on "Continue",
>> >>>
>> >>> Next dialog, click on "Permanent".
>> >>>
>> >>> Close konqeror. Open it again, point it to the same address. Again
>> the
>> >>> dialog "server authentication ..." comes up.
>> >>>
>> >>>
>> >>> Nik.
>> >>
>> >> FWIW,
>> >>
>> >> I get the same behavior you do.
>> >>
>> >> Not sure what this means though, if a site does not have a valid
>> cert,
>> >> can you make it permanent?
>> >
>> > I can't make it permanent, that's the problem.
>>
>> Popup box in konq here (using ssl.....) :
>>
>> "The IP address of the host www.ba-ca.at does not match the one the
>> certificate was issued to."
>>
>> With iceweasel:
>>
>> "This Connection is Untrusted"
>>
>> so can't be a konqueror-specific issue, maybe it's the other end of the
>> line?
>>
>> Sorry can't check this in M$, gave that up several years back.
>
> YOu misunderstand my point: The problem is not that the messagebox "The IP
> address of the host www.ba-ca.at does not match the one the certificate
> was
> issued to." appears. In fact, that's what it is supposed to do. The
> problem
> is, that konqueror does not store the certificate so that I do not get
> that
> messagebox again.
>
> When you click "Continue" on the messagebox, then the next messagebox
> appears
> saying:
>
> "Would you like to accept this certificate forever without being
> prompted?"
>
> Click "Forever" and close konqueror. At this point the site certificate
> should
> have been saved to ~/.trinity/share/config/ksslpolicies - but it is not.
>
> Now restart konqueror, go to the same address as before and you get the
> messagebox "The IP address of the host www.ba-ca.at does not match the one
> the certificate was issued to." - which should not appear as the site
> certificate should have been stored in
> ~/.trinity/share/config/ksslpolicies.
>
> This problem is quite anoying, as it appears on all self certified sites
> and
> sites.
>
> Nik
>

And I can confirm the bug.  Have you filed a bug report for this?

Tim

powered by ezmlm-www (v1.4.5)