Getting "Secure connection: fatal error (80) from server" from good site
-
genegold last edited by
Opera 12.17, Win 8.1. I'm getting the secure connection error from https://www.billfixers.com/ and it's not clear why, as cache is clear and the site works with Opera 35, IE11, FF, Slimjet and Vivaldi. Any ideas? Thanks,
-
-
-
-
blackbird71 last edited by admin@genegold https://forums.opera.com/topic/5372/opera-12-17-no-longer-works-with-https-for-me
Wow... a blast from the past. The main part of that thread ran for 15 months, with both problems and solution ideas ebbing and flowing. I would strongly encourage @genegold to read the whole thread and get a "feel" for what is variously suggested before embarking on a path of solution attempts. And meanwhile, know that the entire problem of using a 'frozen' and increasingly obsolete browser in a world of still-evolving security protocols, certificates, encryption schemes, and revocation lists has not gotten any better in the months since then...
-
genegold last edited by
Thanks for that link. It's an interesting thread, even if it doesn't quite solve the problem. I'm obviously aware of limitations that continue to arise with Opera 12.17 as the world turns. Although Opera Blink has advanced considerably since the beginning of that thread, I still agree with the OP's sentiment, even if it's not wholly true anymore: "I've tried switching to new Opera but it is unusable with tons of missing essential features that true Opera had." As much as I would willfully switch to the new Opera full time, I've found the new developers (or perhaps their bosses) to be willfully tone deaf when it comes to basics of browser functionality. A most unfortunate situation, but one can hope that one or more of the alternatives in development pan out, while Opera 12 remains largely workable, though a touch slow. Only a couple of sites show the secure connection error and a few run up the cpu meter.
-
sgunhouse Moderator Volunteer last edited by
Let's see
Security Information: www.billfixers.com:443 Security protocol TLS v1.2 128 bit AES GCM (256 bit ECDHE_ECDSA/SHA-256) Validated Servername *.billfixers.com (www.billfixers.com) Issued to sni222456.cloudflaressl.com, Issued By COMODO CA Limited Issued By COMODO CA LimitedWell, there it is. Both TLS 1.2 and GCM. If you can find all the stuff listed under Security protocols, make sure it's enabled. All I can suggest until Opera does something about it.
-
blackbird71 last edited by
And, indeed, there it may be! The problem may lie with the security protocols and ciphers specified in the cert: Security protocol TLS v1.2 128 bit AES GCM (256 bit ECDHE_ECDSA/SHA-256)
Breaking that down:
-
TLS v1.2 specifies the TLS (and its version) handshaking protocol, for establishing secure communications
-
128 bit AES GCM means the browser client will verify the key's validity using an AES 128-bit algorithm to communicate
-
ECDHE_ECDSA specifies the browser client and the server will agree on encryption keys using Ephemeral Elliptic Curve Diffie-Hellman with Elliptic Curve Digital Signal Algorithm for digital signatures
-
SHA-256 is the algorithm to be used for secure hashing of parts of the TLS messages
Unfortunately, Olde Opera versions don't list ECDHE_ECDSA (or any other ephemeral elliptic ciphers, for that matter) as available in the browser for usage in establishing https traffic pathways. Most newer browsers now include ephemeral elliptic ciphers in their cipher suites and many secure websites have moved on accordingly, but unfortunately, Olde Opera is locked in space and time at a point several years ago.
-
