"the authenticity of the received data could not be verified"


Anton Shepelev

Dec 9, 2018, 6:15:24 AM
to mozilla-sup...@lists.mozilla.org
Hello, all

My Firefox ESR 52.7.3 has started recently to refuse to load
some pages on the grounds that "The page you are trying to
view cannot be shown because the authenticity of the
received data could not be verified." What is especially
distressing is that there is no option to ignore this
problem and to proceed to the page, as if the browser considers
itself cleverer than the user. Is there a way to turn this
error into a warning or disable it altogether?

--
() ascii ribbon campaign -- against html e-mail
/\ http://preview.tinyurl.com/qcy6mjc [archived]

Andy Burns

Dec 9, 2018, 6:56:09 AM
to mozilla-sup...@lists.mozilla.org
Anton Shepelev wrote:

> "The page you are trying to
> view cannot be shown because the authenticity of the
> received data could not be verified."

Any help?

<https://support.mozilla.org/en-US/questions/1058856>

J. P. Gilliver (John)

Dec 9, 2018, 12:31:45 PM
to mozilla-sup...@lists.mozilla.org
In message
<mailman.3.1544356562...@lists.mozilla.org>, Andy
Seems to suggest adding domains to some list (_without_ their https://
prefix!), and it then works. Along with lots of well-intentioned
nannying that "all browsers will soon drop support for TLS 1.0" (or
whatever it was), "you should get on to the site and tell them", and so
on.

The contention that "browser knows best" does, however, seem to reign,
and the question "is there anything I can do to say 'just let me through
to the site'" is not being answered. _Is_ there anything? (Like the one
I've sometimes seen [maybe only in older Firefox versions?] that allows
me to accept some risk [not sure it's the one being mentioned here], and
has a tickbox [pre-ticked, which seems odd] saying something like "add
this to my list of exceptions".)

JPG


Visit 255soft.uk if you find petitions unfair (and please *pass it on*, too).
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Veni Vidi Vacuum [I came, I saw, It sucked] - m...@saslimited.demon.co.uk, 1998

Andy Burns

Dec 9, 2018, 3:30:21 PM
to mozilla-sup...@lists.mozilla.org
J. P. Gilliver (John) wrote:

> The contention that "browser knows best" does, however, seem to reign,
> and the question "is there anything I can do to say 'just let me through
> to the site'" is not being answered. _Is_ there anything? (Like the one
> I've sometimes seen [maybe only in older Firefox versions?] that allows
> me to accept some risk [not sure it's the one being mentioned here], and
> has a tickbox [pre-ticked, which seems odd] saying something like "add
> this to my list of exceptions".)

There are some min/max settings in about:config.

<http://kb.mozillazine.org/Security.tls.version.*>

But rather than reducing the security on your main firefox browser, you
may be better off installing e.g. an ancient opera browser, just for
visiting such "low security" sites.
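
An added example, not part of the original posts: a small audit that reads a Firefox profile's `prefs.js` and reports TLS downgrades left behind by the workarounds discussed above. It assumes the "list" of domains mentioned earlier is the `security.tls.insecure_fallback_hosts` preference and treats TLS 1.2 (value 3) as the acceptable floor; the sample preferences are constructed.

```python
import re

# Firefox stores security.tls.version.min/max as small integers.
TLS_NAMES = {0: "SSL 3.0", 1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2", 4: "TLS 1.3"}
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

# Constructed sample of a prefs.js body, not taken from a real profile.
SAMPLE_PREFS = '''\
user_pref("browser.startup.page", 3);
user_pref("security.tls.version.min", 1);
user_pref("security.tls.insecure_fallback_hosts", "legacy.example, intranet.example");
'''

def parse_prefs(text):
    """Return {name: value} for every user_pref() line in a prefs.js body."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything malformed
        name, raw = m.groups()
        if raw.startswith('"') and raw.endswith('"'):
            prefs[name] = raw[1:-1]
        elif raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw
    return prefs

def audit_tls_prefs(text, floor=3):
    """List settings that let the profile negotiate below `floor` (assumed: TLS 1.2)."""
    prefs = parse_prefs(text)
    findings = []
    for key in ("security.tls.version.min", "security.tls.version.max"):
        val = prefs.get(key)
        if isinstance(val, int) and val < floor:
            findings.append(f"{key} = {val} ({TLS_NAMES.get(val, 'unknown')})")
    hosts = str(prefs.get("security.tls.insecure_fallback_hosts", ""))
    for host in filter(None, (h.strip() for h in hosts.split(","))):
        findings.append(f"insecure fallback still allowed for {host}")
    return findings

if __name__ == "__main__":
    for finding in audit_tls_prefs(SAMPLE_PREFS):
        print(finding)
```

`prefs.js` only records values changed from the defaults, so any finding reflects a deliberate change in that profile rather than a shipped setting.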

J. P. Gilliver (John)

Dec 9, 2018, 3:42:07 PM
to mozilla-sup...@lists.mozilla.org
In message
<mailman.16.1544387415...@lists.mozilla.org>, Andy
So there's no "one off" ("Let me go there _this_ time") option?

JPG


Visit 255soft.uk if you find petitions unfair (and please *pass it on*, too).
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Actors are fairly modest...A lot of us have quite a lot to be modest about. -
Simon Greenall (voice of Aleksandr the "Simples!" Meerkat), RT 11-17 Dec 2010

VanguardLH

Dec 10, 2018, 11:21:22 AM
to mozilla-sup...@lists.mozilla.org
Anton Shepelev wrote:

> My Firefox ESR 52.7.3 has started recently to refuse to load
> some pages on the grounds that "The page you are trying to
> view cannot be shown because the authenticity of the
> received data could not be verified." What is especially
> distressing is that there is no option to ignore this
> problem and to proceed to the page, as if the browser considers
> itself cleverer than the user. Is there a way to turn this
> error into a warning or disable it altogether?

The web-based forum thread referred to by Andy is over 3 years old.
Apparently the site has replaced their site certification with one
supporting a later encryption scheme, so I cannot get the interfering
popup/page that you mentioned, plus I am on Firefox 63.0.3 (and Chrome
71.0.3578).

Rather than have respondents make guesses on an unidentified web site
where the problem happens, give a URL to the site where you see the
interfering prompt.

If the problem occurs at every HTTPS site you visit then the problem
could be with your anti-virus software. To interrogate encrypted
traffic (HTTPS), AVs must perform a man-in-the-middle (MITM) attack.
They install their own certificate used with their transparent proxy.
Your client (web browser) connects to the proxy and sees its cert, and
the proxy connects to the site to see their cert. If the AV did not
properly install its cert then the client will fail with cert errors.

Most web browsers use the global certificate store managed by the
operating system. In Windows, you run certmgr.msc. You never mentioned
under which OS you are running Firefox which is cross-platform. Mozilla
decided to use a private cert store in Firefox, so AVs must also install
their cert in Firefox's private cert store for their HTTPS proxying to
work with Firefox. You may find an option in the AV to reinstall their
cert into the global cert store in the OS and the private cert store in
Firefox. If not, you have to uninstall and reinstall the AV.

You could disable HTTPS scanning in the AV software which then doesn't
need the MITM cert scheme; however, that means it can only interrogate
HTTP traffic. The AV won't be able to determine if an HTTPS site
delivers malicious content. Sites have been migrating to HTTPS.

Andy Burns

Dec 10, 2018, 2:13:37 PM
to mozilla-sup...@lists.mozilla.org
VanguardLH wrote:

> I cannot get the interfering popup/page that you mentioned

This website (or collection of sites) is handy for showing how the
browser handles various valid/invalid TLS configurations, so you can
confirm which ones you are allowed to add exceptions for, and which ones
are game-over.

Andy Burns

Dec 10, 2018, 2:15:06 PM
to mozilla-sup...@lists.mozilla.org
Andy Burns wrote:

> This website

<https://badssl.com>

Anton Shepelev

Dec 18, 2018, 11:39:04 AM
to support...@lists.mozilla.org
Andy Burns to Anton Shepelev:

>>"The page you are trying to view cannot be shown because
>>the authenticity of the received data could not be
>>verified."
>
>Any help?
>
><https://support.mozilla.org/en-US/questions/1058856>

Thank you, Andy. Unfortunately, that website has since
started to work, so I can't test it until I encounter the
problem again. The work-around is, however, rather clumsy
in forcing the user to modify deeply buried Firefox settings
for every website.

--
() ascii ribbon campaign - against html e-mail
/\ http://preview.tinyurl.com/qcy6mjc [archived]