Re: How to Manage Invalid/Override Security certificate
Arnie Goetchius wrote: Daniel wrote: Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Arnie, I just clicked on a link for OpenMandriva 2014 and got a This Connection is Untrusted screen, which gave me the options of... What Should I Do?? Technical Details I Understand the Risks When I clicked I Understand the Risks, it showed a couple of paragraphs of info and a Add Exception button, which I clicked and that gave me a sub-screen where I could Get Certificate, View Certificate Status or Confirm Security Exception, which I did and the page I wanted loaded. Did you not see the Connection Untrusted screen?? I don't get the I Understand the Risks or Add Exception screens (I used to on previous versions of SM). I am running SM 2.22.1 on Windows 7 64 bit. I did talk to United Healthcare Tech Support and they are aware of the problem. Still don't know why I don't get the screens. I didn't get it with SM 2.22B1, or for many versions before, but I've just upgraded to SM 2.23B1 and did get it! -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 SeaMonkey/2.22 Build identifier: 20131023190953 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0 SeaMonkey/2.22 Build identifier: 20131023190942 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Hartmut Figge wrote: David E. Ross: I believe the I Understand the Risks or Add Exception were intentionally removed some versions ago in an attempt to discourage users from accepting discrepant site certificates. Instead, the convoluted process that I described earlier in this thread is the only way to make exceptions. This screenshot was just taken with the latest trunk SM. http://www.triffids.de/pub/screenshot/sm131210.png Hartmut Thanks for posting that, Hartmut ... I think I did a reasonably job of describing it!! ;-) -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 SeaMonkey/2.22 Build identifier: 20131023190953 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0 SeaMonkey/2.22 Build identifier: 20131023190942 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Daniel wrote: Arnie Goetchius wrote: Daniel wrote: Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Arnie, I just clicked on a link for OpenMandriva 2014 and got a This Connection is Untrusted screen, which gave me the options of... What Should I Do?? Technical Details I Understand the Risks When I clicked I Understand the Risks, it showed a couple of paragraphs of info and a Add Exception button, which I clicked and that gave me a sub-screen where I could Get Certificate, View Certificate Status or Confirm Security Exception, which I did and the page I wanted loaded. Did you not see the Connection Untrusted screen?? I don't get the I Understand the Risks or Add Exception screens (I used to on previous versions of SM). I am running SM 2.22.1 on Windows 7 64 bit. I did talk to United Healthcare Tech Support and they are aware of the problem. Still don't know why I don't get the screens. I didn't get it with SM 2.22B1, or for many versions before, but I've just upgraded to SM 2.23B1 and did get it! what can you do without /dev/null ? Ubunti ? -- Gertjan Vinkesteijn http://ciudadpatricia.com Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0 SeaMonkey/2.21 on Fedora19 @ redhat.com /* * Oops. The kernel tried to access some bad page. We'll have to * terminate things with extreme prejudice. */ die_if_kernel(Oops, regs, error_code); -- From linux/arch/i386/mm/fault.c ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Daniel: Hartmut Figge wrote: This screenshot was just taken with the latest trunk SM. http://www.triffids.de/pub/screenshot/sm131210.png Thanks for posting that, Hartmut ... I think I did a reasonably job of describing it!! ;-) Yes, you did. A screenshot is easier for lazy people like me. ;) Hartmut ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Hartmut Figge wrote: David E. Ross: I believe the I Understand the Risks or Add Exception were intentionally removed some versions ago in an attempt to discourage users from accepting discrepant site certificates. Instead, the convoluted process that I described earlier in this thread is the only way to make exceptions. This screenshot was just taken with the latest trunk SM. http://www.triffids.de/pub/screenshot/sm131210.png Hartmut I don't know what the latest trunk is but the latest version I am using is 2.22.1 and the list line of the screen is Technical Details. There is nothing below it. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Arnie Goetchius: Hartmut Figge wrote: This screenshot was just taken with the latest trunk SM. http://www.triffids.de/pub/screenshot/sm131210.png I don't know what the latest trunk is A SM built from the latest source. A snapshot from the development. At the moment i am using a SM 2.26a1. but the latest version I am using is 2.22.1 and the list line of the screen is Technical Details. There is nothing below it. It may be a problem with 2.22.1. Or with your profile. Or your OS. Or your theme. Or... *g* Anyway, someone using 2.22.1 should chime in. Hartmut ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
On 12/8/2013 5:58 AM, David E. Ross wrote: On 12/7/2013 12:53 PM, Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) 1. Copy the complete domain of the URI (possibly epcp-prod-e-eprovider.uhc.com, but possibly not). 2. On the SeaMonkey menu bar, select [Edit Preferences]. 3. On the left side of the Preference window, select [Privacy Security Certificates]. 4. On the Certificates pane, select the Manage Certificates button. 5. On the Certificate Manager window, select the Servers tab. 6. On the Servers tab, select the Add Exception button. 7. On the Add Security Exception window, enter the complete domain in the Location input area. 8. Select the Get Certificate button. 9. Select the Permanently store this exception checkbox to insert a checkmark and then the Confirm Security Exception button. 10. Close down the various windows by selecting OK buttons. I am sure it would be appreciated if you were to send your problem to the United Health Group at doma...@uhc.com with cc: to ip_addr...@uhg.com. You might also try calling them at (952)936-1300. This is a nasty bug in both Fx recently and SeaMonkey with the bottom of the window being cutoff accidentally. I would not be able to use your method because I disable all Comodo/comodo related certs in all browsers since December 2008 and also disable GoDaddy certs. That's a lot of certs for a lot of sites (since Comodo is too large to be allowed to fail and that's a main reason Mozilla did not yank them out of Fx in December 2008 over the Eddie Nigg incident). I depend on that popup window to work correctly. It does so in Opera 12.15 and IE 10. It used to work correctly in Fx and SeaMonkey. I expect that popup window to allow me to override the problem which is a deliberate one of my own making for security reasons. Frequently, I do NOT wish to make a permanent exception and this fact makes this bug even worse. I am not going to enable Comodo/Comodo related certs except one by one on whatever sites use them and I want to know as I might choose to not use a site that uses a Comodo cert. Same for Go-Daddy which is a sloppy, sleazy cert provider (but not as bad as Comodo) and GoDaddy loves to certify malware ridden sites so to protect myself I wish to know anytime a site is going to use a GoDaddy cert and I probably just won't go to the site at all or just that once (thus not needing permanent exception) and I will be on full alert knowing the site is using GoDaddy. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Desiree wrote: On 12/8/2013 5:58 AM, David E. Ross wrote: On 12/7/2013 12:53 PM, Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) 1. Copy the complete domain of the URI (possibly epcp-prod-e-eprovider.uhc.com, but possibly not). 2. On the SeaMonkey menu bar, select [Edit Preferences]. 3. On the left side of the Preference window, select [Privacy Security Certificates]. 4. On the Certificates pane, select the Manage Certificates button. 5. On the Certificate Manager window, select the Servers tab. 6. On the Servers tab, select the Add Exception button. 7. On the Add Security Exception window, enter the complete domain in the Location input area. 8. Select the Get Certificate button. 9. Select the Permanently store this exception checkbox to insert a checkmark and then the Confirm Security Exception button. 10. Close down the various windows by selecting OK buttons. I am sure it would be appreciated if you were to send your problem to the United Health Group at doma...@uhc.com with cc: to ip_addr...@uhg.com. You might also try calling them at (952)936-1300. This is a nasty bug in both Fx recently and SeaMonkey with the bottom of the window being cutoff accidentally. I would not be able to use your method because I disable all Comodo/comodo related certs in all browsers since December 2008 and also disable GoDaddy certs. That's a lot of certs for a lot of sites (since Comodo is too large to be allowed to fail and that's a main reason Mozilla did not yank them out of Fx in December 2008 over the Eddie Nigg incident). I depend on that popup window to work correctly. It does so in Opera 12.15 and IE 10. It used to work correctly in Fx and SeaMonkey. I expect that popup window to allow me to override the problem which is a deliberate one of my own making for security reasons. Frequently, I do NOT wish to make a permanent exception and this fact makes this bug even worse. I am not going to enable Comodo/Comodo related certs except one by one on whatever sites use them and I want to know as I might choose to not use a site that uses a Comodo cert. Same for Go-Daddy which is a sloppy, sleazy cert provider (but not as bad as Comodo) and GoDaddy loves to certify malware ridden sites so to protect myself I wish to know anytime a site is going to use a GoDaddy cert and I probably just won't go to the site at all or just that once (thus not needing permanent exception) and I will be on full alert knowing the site is using GoDaddy. -- Gertjan Vinkesteijn http://ciudadpatricia.com Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0 SeaMonkey/2.21 on Fedora19 @ redhat.com /* * Oops. The kernel tried to access some bad page. We'll have to * terminate things with extreme prejudice. */ die_if_kernel(Oops, regs, error_code); -- From linux/arch/i386/mm/fault.c ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Arnie, I just clicked on a link for OpenMandriva 2014 and got a This Connection is Untrusted screen, which gave me the options of... What Should I Do?? Technical Details I Understand the Risks When I clicked I Understand the Risks, it showed a couple of paragraphs of info and a Add Exception button, which I clicked and that gave me a sub-screen where I could Get Certificate, View Certificate Status or Confirm Security Exception, which I did and the page I wanted loaded. Did you not see the Connection Untrusted screen?? -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 SeaMonkey/2.22 Build identifier: 20131023190953 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0 SeaMonkey/2.22 Build identifier: 20131023190942 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Daniel wrote: Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Arnie, I just clicked on a link for OpenMandriva 2014 and got a This Connection is Untrusted screen, which gave me the options of... What Should I Do?? Technical Details I Understand the Risks When I clicked I Understand the Risks, it showed a couple of paragraphs of info and a Add Exception button, which I clicked and that gave me a sub-screen where I could Get Certificate, View Certificate Status or Confirm Security Exception, which I did and the page I wanted loaded. Did you not see the Connection Untrusted screen?? I don't get the I Understand the Risks or Add Exception screens (I used to on previous versions of SM). I am running SM 2.22.1 on Windows 7 64 bit. I did talk to United Healthcare Tech Support and they are aware of the problem. Still don't know why I don't get the screens. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
On 12/9/2013 3:54 PM, Arnie Goetchius wrote: Daniel wrote: Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Arnie, I just clicked on a link for OpenMandriva 2014 and got a This Connection is Untrusted screen, which gave me the options of... What Should I Do?? Technical Details I Understand the Risks When I clicked I Understand the Risks, it showed a couple of paragraphs of info and a Add Exception button, which I clicked and that gave me a sub-screen where I could Get Certificate, View Certificate Status or Confirm Security Exception, which I did and the page I wanted loaded. Did you not see the Connection Untrusted screen?? I don't get the I Understand the Risks or Add Exception screens (I used to on previous versions of SM). I am running SM 2.22.1 on Windows 7 64 bit. I did talk to United Healthcare Tech Support and they are aware of the problem. Still don't know why I don't get the screens. I believe the I Understand the Risks or Add Exception were intentionally removed some versions ago in an attempt to discourage users from accepting discrepant site certificates. Instead, the convoluted process that I described earlier in this thread is the only way to make exceptions. All this proves that creating a nanny state is not a government monopoly. -- David E. Ross http://www.rossde.com/ Where does your elected official stand? Which politicians refuse to tell us where they stand? See the non-partisan Project Vote Smart at http://votesmart.org/. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
David E. Ross: I believe the I Understand the Risks or Add Exception were intentionally removed some versions ago in an attempt to discourage users from accepting discrepant site certificates. Instead, the convoluted process that I described earlier in this thread is the only way to make exceptions. This screenshot was just taken with the latest trunk SM. http://www.triffids.de/pub/screenshot/sm131210.png Hartmut ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
In news:oi6dnst9louoxtvpnz2dnuvz_osdn...@mozilla.org, Arnie Goetchius arnie.goetchius@invalid.domain wrote: Daniel wrote: Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Arnie, I just clicked on a link for OpenMandriva 2014 and got a This Connection is Untrusted screen, which gave me the options of... What Should I Do?? Technical Details I Understand the Risks When I clicked I Understand the Risks, it showed a couple of paragraphs of info and a Add Exception button, which I clicked and that gave me a sub-screen where I could Get Certificate, View Certificate Status or Confirm Security Exception, which I did and the page I wanted loaded. Did you not see the Connection Untrusted screen?? I don't get the I Understand the Risks or Add Exception screens (I used to on previous versions of SM). I am running SM 2.22.1 on Windows 7 64 bit. I did talk to United Healthcare Tech Support and they are aware of the problem. Still don't know why I don't get the screens. I also don't know why you don't get the I Understand the Risks option; it should be on the same screen where you see the Technical Details. I do get all the options, using SM 2.22.1 with GNU/Linux, and Hartmut's just posted that he gets them with the latest trunk SM. I would try visiting the site in safe mode; hopefully in safe mode, you'll get be able to add the exception permanently, then you could go back to normal operation. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
andré wrote: Arnie Goetchius a écrit : After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Near the bottom of the message, there should be a button which lets you, after a few questions, permanently accept the certificat. The questions are a little obscure (and misleading), but you can end up accepting the invalid certificate. Once accepted, it will always be accepted (for the site in question, at least). In older versions of SM, there was a button that let you accept the certificate. There is no such button in the current version. The only button at the bottom of the page states This sounds bad, take me to my homepage instead When I click on that, it takes me to http://www.seamonkey-project.org/start/ Not where I want to be at all. Bottom line is that you can no longer accept a bad certificate so I can't find the health care providers listed on my insurance company's web site. WTF, is Obamacare using SM for its front end :-) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
On 12/7/2013 12:53 PM, Arnie Goetchius wrote: After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) 1. Copy the complete domain of the URI (possibly epcp-prod-e-eprovider.uhc.com, but possibly not). 2. On the SeaMonkey menu bar, select [Edit Preferences]. 3. On the left side of the Preference window, select [Privacy Security Certificates]. 4. On the Certificates pane, select the Manage Certificates button. 5. On the Certificate Manager window, select the Servers tab. 6. On the Servers tab, select the Add Exception button. 7. On the Add Security Exception window, enter the complete domain in the Location input area. 8. Select the Get Certificate button. 9. Select the Permanently store this exception checkbox to insert a checkmark and then the Confirm Security Exception button. 10. Close down the various windows by selecting OK buttons. I am sure it would be appreciated if you were to send your problem to the United Health Group at doma...@uhc.com with cc: to ip_addr...@uhg.com. You might also try calling them at (952)936-1300. -- David E. Ross http://www.rossde.com/ Where does your elected official stand? Which politicians refuse to tell us where they stand? See the non-partisan Project Vote Smart at http://votesmart.org/. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: How to Manage Invalid/Override Security certificate
Arnie Goetchius a écrit : After successfully logging in to United Healthcare web site, I select the option Find Providers When I do, I get the message that that page is not trusted and the Technical Details states that it using an invalid certificate (See below) Is there any way I can modify anything in SM (2.22.1) Manage Certificates to work around this? FWIW, I have similar problems with IE8, Firefox and Google Chrome. Technical Details epcp-prod-e-eprovider.uhc.com uses an invalid security certificate. The certificate is only valid for epcprod-e.uhc.com (Error code: ssl_error_bad_cert_domain) Near the bottom of the message, there should be a button which lets you, after a few questions, permanently accept the certificat. The questions are a little obscure (and misleading), but you can end up accepting the invalid certificate. Once accepted, it will always be accepted (for the site in question, at least). -- André ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
