<![CDATA[SSL Error: smth wrong with Certificate Transparency policy]]>Today I found out that Opera no longer lets me to access mail.ru. However, in other browsers on my OS all works fine, so certificate is ok.
"The server presented a certificate that was not publicly disclosed using the Certificate Transparency policy."
But according to Certificate Transparency report (https://www.google.com/transparencyreport/https/ct/) for this site - it's cert is listed, so it should be trusted by opera, but it doesn't.
What could be the problem?

]]>https://forums.opera.com/topic/18069/ssl-error-smth-wrong-with-certificate-transparency-policyRSS for NodeWed, 17 Jun 2026 23:30:48 GMTSun, 13 Nov 2016 20:57:12 GMT60<![CDATA[Reply to SSL Error: smth wrong with Certificate Transparency policy on Sat, 26 Nov 2016 09:59:42 GMT]]>And... here's a list of sites that hardcoded to use HSTS. Theoretically, all these sites should give the problem and not pull up. mail.ru and amazon.com are included

]]>https://forums.opera.com/post/111075https://forums.opera.com/post/111075Sat, 26 Nov 2016 09:59:42 GMT<![CDATA[Reply to SSL Error: smth wrong with Certificate Transparency policy on Sat, 26 Nov 2016 09:42:22 GMT]]>

My only guess is that this has something to do with Opera's VPN feature, as I've been using the VPN when this notification was received. This is of concern to say the least, as it brings to mind SSL man-in-the-middle exploits.

MY NEXT GUESS: This appears to be an issue with HSTS (HTTP Strict Transport Security).
From Wikipedia: "TTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should only interact with it using secure HTTPS connections,[1] and never via the insecure HTTP protocol."

It also seems that some users may tweak Opera settings regarding HSTS by going to opera://net-internals/#hsts I suppose by adding some sort of exception as per: http://classically.me/blogs/how-clear-hsts-settings-major-browsers BUT...

I get forwarded to a web search when I try to go to that blog post about clearing HSTS for specific domains, so perhaps it is a bug or only perhaps the customization page is available in other Opera versions, like the one for Windows? EDIT: Now all of a sudden the link chrome://net-internals/#hsts IS working for me

Considering that the blog post was written in Feb 2014, it's strange that the issue would just be seen now, so I'm leaning towards bug.

]]>https://forums.opera.com/post/111074https://forums.opera.com/post/111074Sat, 26 Nov 2016 09:42:22 GMT<![CDATA[Reply to SSL Error: smth wrong with Certificate Transparency policy on Sat, 26 Nov 2016 09:03:03 GMT]]>My only guess is that this has something to do with Opera's VPN feature, as I've been using the VPN when this notification was received. This is of concern to say the least, as it brings to mind SSL man-in-the-middle exploits.

]]>https://forums.opera.com/post/111073https://forums.opera.com/post/111073Sat, 26 Nov 2016 09:03:03 GMT<![CDATA[Reply to SSL Error: smth wrong with Certificate Transparency policy on Fri, 18 Nov 2016 19:19:04 GMT]]>It does the same thing when I try to go to the Amazon website. A bug maybe?

]]>https://forums.opera.com/post/110729https://forums.opera.com/post/110729Fri, 18 Nov 2016 19:19:04 GMT<![CDATA[Reply to SSL Error: smth wrong with Certificate Transparency policy on Mon, 14 Nov 2016 14:14:01 GMT]]>I'm having the same issue with yahoo login https://login.yahoo.com. I can login using Firefox or Chrome but Opera generates the message "The server presented a certificate that was not publicly disclosed using the Certificate Transparency policy." and only lets me "Return to Safety". As above the the certificate for login.yahoo.com is listed

]]>https://forums.opera.com/post/110505https://forums.opera.com/post/110505Mon, 14 Nov 2016 14:14:01 GMT