Updated to 43, can no longer "continue anyway" on bad certs
-
A Former User last edited by
Prior to updating to version 43, if you went to a site that had an expired or invalid cert you could click "Continue anyway" on a dialog box and just keep going. As of updating just now, this is no longer possible, and you just get a "you can't proceed" message.
Is there any way around this? Why was this changed?
As a web developer, it's often necessary to work on test/staging environments with incorrect or outdated certificates.
I really don't relish the idea of having to use a separate browser for work. -
mtakala last edited by
This also happened to me. I also work in test enviroments and in local LAN where self-signed certificates are almost extensively used.
Looks like Opera has just shot itself to the knee, because it is impossible for me to get any work done after this change. I had to install Firefox for the first time in ten years.
-
luchettovega last edited by
Registered to this forum just to complain about this issue.
Having the same problems as the guys above me. And now I don't have any other option that to download firefox and start using it again.
Hope you reconsider this and maybe add an option to enable/disable this.
Thanks -
A Former User last edited by
Yes, I had to start using Chrome for my dev tasks. It's quite frustrating.
-
sergeyjey last edited by
Registered just to point out to this issue. Had to switch to chrome. Guys, please add an option to "process anyway" or some checkbox in settings.
-
A Former User last edited by
I spoke with an opera rep on Twitter and the response was essentially "Okay, well, we've decided to keep it this way." Very unfortunate.
-
mtakala last edited by
I spoke with an opera rep on Twitter and the response was essentially "Okay, well, we've decided to keep it this way." Very unfortunate.
Looks like that will be the final straw. Testing Vivaldi now.
-
shelluser last edited by
Uhm, what kind of Opera version are you guys actually using? I'm using the latest Opera 43 (43.0.2442.806) and I have no issues with this. So I think either something changed (doubtful considering the short timespan) or you guys are talking a lot of nonsense up there:
So yeah...
-
A Former User last edited by
Uhm, what kind of Opera version are you guys actually using? I'm using the latest Opera 43 (43.0.2442.806) and I have no issues with this. So I think either something changed (doubtful considering the short timespan) or you guys are talking a lot of nonsense up there:
So yeah...
In cases where the certificate has incorrect information, the popup shows as usual. In cases where the certificate has expired, the popup shows as usual. It's only when both those things are the case where, for some reason, the popup does not appear and you cannot proceed. Presumably it is to protect average users from malicious sites.
All I'd like is some sort of internal flag I can check to override this behaviour, but according to the support rep this behaviour is intentional and not going to change. -
shelluser last edited by
It's only when both those things are the case where, for some reason, the popup does not appear and you cannot
proceed. Presumably it is to protect average users from malicious sites.Ah ok, that's not what your OP said
I can reproduce this issue, but also fail to see the problem with it. If you're testing then all you need to do is either install the certificate locally, ensure a long lifespan of your testing certificate, or simply set up and use a local CA (which is what I usually do).
I've often came across expired certificates but hardly any which are both invalid and expired. I really think the problem is hardly as big as you make it sound.
-
A Former User last edited by
It's not that the problem is big, it's that something which was previously up to the user is now decided by someone else.
They've taken away the choice completely, for no real apparent reason.
There are certainly tons of ways to work around it, but it speaks to a larger mentality at the company that users must be protected from themselves. -
mtakala last edited by
Yep, I could fix 2 of the 4 services I use daily by just generating new key - the previous had expired. As these are services that are being used both by local LAN IP and by a DNS name, I think the certificate can't ever be 100% correct for both use cases?
-
A Former User last edited by
As a followup, it's slightly amusing that the "concept" browser Opera Neon does the correct (previous) thing and lets the user continue anyway, while standard opera now does not. Almost makes a person wonder if this change was actually a bug rather than intentional.
Anyhow, Vivaldi behaves properly as well, so perhaps it's time to make the move over there. It seems to have stabilized quite a bit since release. Sad, because I've been an Opera fan since almost the beginning.
-
nabino21 last edited by
It's still same in the latest stable bulid 991. Not sure if they are gonna fix this in the future but in the meantime this is a workaround (use at your own risk!).
Add this at the end of the shortcut command line --ignore-certificate-errors
eg. "C:\Program Files\Opera\launcher.exe" --ignore-certificate-errors
Kinda defeat the purpose of supposedly increased security by not giving an option for the average user to decide that the site is safe to proceed. Now we gotta disable all certificate warnings just great!
-
A Former User last edited by
I agree, surely it's up to the user if they want to take the risk of proceeding with a potentially risky operation. That choice should not be taken away, Opera are completely covered if warnings were issued.
My Internet Security suite has a similar problem, it warns you about potentially dangerous web sites, but the latest version will not now allow you to go ahead anyway, which previous versions did.
If you know it's a false positive, you can no longer over-ride the warning unless you switch the whole Internet Security system off completely, which is madness!
-
davepmiddleton last edited by
That would be annoying, so I checked to see for myself. These are my findings.
Opera 43.0.2442.991 (64-bit) on Windows 10 still offers a dialog box for:
- Incorrect,
- Self-signed,
- Expired certificates.
See these test links: https://onlinessl.netlock.hu/en/test-center/invalid-ssl-certificate.html.
However, for hash functions that are no longer considered safe e.g. expired SHA-1 certificates, Opera 43 no longer offers you an option to continue. See this test link: https://expired.identrustssl.com
Hope this helps.
-
zalex108 last edited by
A way to force websites to update their certificates? :sherlock:
"You cannot know the meaning of your life until you are connected to the power that created you". ยท Shri Mataji Nirmala Devi
-
A Former User last edited by
That would be annoying, so I checked to see for myself. These are my findings.
Opera 43.0.2442.991 (64-bit) on Windows 10 still offers a dialog box for:Incorrect,
Self-signed,
Expired certificates.See these test links: https://onlinessl.netlock.hu/en/test-center/invalid-ssl-certificate.html.
However, for hash functions that are no longer considered safe e.g. expired SHA-1 certificates, Opera 43 no longer offers you an option to continue. See this test link: https://expired.identrustssl.com
Hope this helps.I hadn't bothered working out the exact problem causing it, thanks.
In the end, they're gonna make the decisions they feel work best for the majority of people.
I'll live. -
talu1966 last edited by
After updating from 39 to 43 in Ubuntu 12.04 I now get the privacy complaint even from google.com and auth.opera.com ! Is my system compromised, or has anyone seen this problem under Linux ?