SSL/TLS Certificate Issue - How to Ignore?

Topic: SSL/TLS Certificate Issue - How to Ignore? (Read 3404 times)

SSL/TLS Certificate Issue - How to Ignore?

2018-06-06, 06:45:33

We are facing SSL/TLS certificate issue. I found this solution (https://github.com/OtterBrowser/otter-browser/issues/550v) but i belive this is for Webkit backend (not for Webengine). So by default accept self signed certificate. Is there any way to completely ignore SSL/TSL error? In about:config 'IgnoreSslError' does not take 'default' or how to assign list?

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #1 – 2018-07-11, 04:27:00

Anybody sorted out this?

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #2 – 2018-07-11, 07:53:57

Hello mad_king.

The old lightweight Opera Presto (12.x version) was my favorite browser.

After reading this Softpedia review (and several others) it seemed like Otter browser with a modern
Blink-WebKit engine was the perfect replacement.

http://www.softpedia.com/get/Internet/Browsers/Otter-Browser.shtml

I stopped using Opera Presto because there was no way to disable endless "Security Issue" warning
messages. (See attached image.)

If I understand your post correctly, are you saying that Otter has the same problem with erroneous
security messages and there is no way to disable this feature?

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #3 – 2018-07-11, 13:34:07

Basically my intention is just ignore SSL/TLS security. In google chrome, we can ignore SSL errors. I am expecting similar behavior.
In about.config, we can ignore SSL error by setting IgnoreSSL but it takes list so my question is how to assign list.

Either we need to assign self signed certificate or ignore SSL error. I am trying to ignore it.

IMO we can disable security message in otter.

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #4 – 2018-07-11, 17:36:52

Check this thread.

Security\IgnoreSslErrors will be set in your config/override.ini file.

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #5 – 2018-07-11, 22:48:18

I had to google the acronym IMO:
"IMO has one popular meaning. It only means in my opinion."

There must be an about:config edit or a box I can untick that will completely disable those
security warning messages. Before I download and install Otter, I need a 100% certain yes
or no about disabling those messages. If yes, give me the exact procedure.

I know a lot about browsers because I've used several dozen. However, I am not a programming
expert. I can easily edit about:config, but I cannot write code. If there is a way to disable
those security messages it must be relatively simple.

Thanks guys.

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #6 – 2018-07-13, 08:24:55

@beastie Does config/override.ini take a "*" for *everything*?

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #7 – 2018-07-13, 11:53:28

Quote from: pantoframe on 2018-07-11, 22:48:18

I had to google the acronym IMO:
"IMO has one popular meaning. It only means in my opinion."

There must be an about:config edit or a box I can untick that will completely disable those
security warning messages. Before I download and install Otter, I need a 100% certain yes
or no about disabling those messages. If yes, give me the exact procedure.

I know a lot about browsers because I've used several dozen. However, I am not a programming
expert. I can easily edit about:config, but I cannot write code. If there is a way to disable
those security messages it must be relatively simple.

Thanks guys.

You can disable through NetworkManager.cpp by commenting code. I am not sure whether its possible through about.config.

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #8 – 2018-07-13, 12:58:44

It does not appear to have any effect of QsslError for webengine backend.

Managing Certificates
Qt WebEngine uses its own network stack, and therefore QSslConfiguration is not used to open SSL connections. Instead, Qt WebEngine uses the root CA certificates from the operating system to validate the peer's certificate.
The WebEngineCertificateError::error and QWebEngineCertificateError::Error enumerations provide information about the types of certificate errors that might occur. The errors can be handled by using the WebEngineView::certificateError QML method or by reimplementing the QWebEnginePage::certificateError function.

Source QT forum

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #9 – 2018-07-13, 18:17:18

Quote from: pantoframe on 2018-07-11, 22:48:18

There must be an about:config edit or a box I can untick that will completely disable those
security warning messages. Before I download and install Otter, I need a 100% certain yes
or no about disabling those messages. If yes, give me the exact procedure.

I know a lot about browsers because I've used several dozen. However, I am not a programming
expert. I can easily edit about:config, but I cannot write code. If there is a way to disable
those security messages it must be relatively simple.

.ini files are just configuration files. There's no programming involved at all. And anyway modifying them is only necessary if you want to customize/organize/optimize what Otter generates automatically.

You should get an error page when visiting some websites. If you click the Advanced then Load Insecure Page buttons, Otter will automatically add an entry for that domain to the file in this form:

Code: [Select]

[domain]
Security\IgnoreSslErrors="<Base 64 digest>"

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #10 – 2018-07-13, 18:20:03

Quote from: ersi on 2018-07-13, 08:24:55

@beastie Does config/override.ini take a "*" for *everything*?

You mean as a global override? I believe not. It works for subdomains though (e.g. [%2A.wikipedia.org]).

Re: SSL/TLS Certificate Issue - How to Ignore?

Reply #11 – 2018-07-18, 05:27:41

To ignore SSL error for QtWebengine, its require to override 'certificateError' method within 'QtWebEnginePage.cpp'.
'HandleSslErrors’ does not appear to have any effect.

This issue is closed.