how to reject server certificates automatically

Reply to how to reject server certificates automatically on Mon, 22 Sep 2014 12:43:29 GMT

Deleted User — Mon, 22 Sep 2014 12:43:29 GMT

Looking in Opera Preferences -> Advanced -> Security
Manage Certificates...
I have a lot of *.facebook.com rejected certificates: around 60 or 70!

Now you know Opera has rejected by user interaction such bad certificates.

Is it possible that every time a somehow different certificate is issued? (even when being on the same page).

Yes, your company's security software appliance may cause such problems.

Reply to how to reject server certificates automatically on Mon, 22 Sep 2014 09:02:43 GMT

gilgamesh99 — Mon, 22 Sep 2014 09:02:43 GMT

Yes, 12.17.
Looking in Opera Preferences -> Advanced -> Security
Manage Certificates...

I have a lot of *.facebook.com rejected certificates: around 60 or 70!

Is it possible that every time a somehow different certificate is issued? (even when being on the same page).

Reply to how to reject server certificates automatically on Sat, 20 Sep 2014 10:04:29 GMT

Deleted User — Sat, 20 Sep 2014 10:04:29 GMT

I think you use Opera 12?

If you get a popup about unknow certificate

select Tab security
Remember my choice
Hit Reject button

Now this certificate is rejected forever.

Opera Preferences -> Advanced -> Security
Manage Certificates...
Tab Rejected shows all rejected ones by user.
Tab Approved shows all allowed ones by user.

Reply to how to reject server certificates automatically on Fri, 19 Sep 2014 11:53:08 GMT

gilgamesh99 — Fri, 19 Sep 2014 11:53:08 GMT

Thx but, once again, my original question remains: why Opera does not remember the choice of rejecting the certificates?
I don't want to view Facebook pages, I'd want to get rid of these annoying pop-ups.

Reply to how to reject server certificates automatically on Fri, 19 Sep 2014 11:28:35 GMT

Deleted User — Fri, 19 Sep 2014 11:28:35 GMT

Yes, your company connection to facebook is blocked/scanned by a internal proxy/security hardware.
Contact your company's administrator for this issue.

Reply to how to reject server certificates automatically on Fri, 19 Sep 2014 10:33:31 GMT

gilgamesh99 — Fri, 19 Sep 2014 10:33:31 GMT

The popup reports the following:

Holder: *.facebook.com, Facebook, Inc.
Issuer: 10.249.6.201, Blue Coat SG9000 Series
Expires: 13/04/2015 13.00.00 GMT

Encryption protocol
256 bit AES (RSA/SHA).

I believe 10.249.6.201 to be the proxy server/firewall of my company.
Blue Coat is indeed a web proxy manufacturer.
Additional info: Facebook is blocked.

It seems that the proxy makes Opera believe the certificate to be issued by itself, hence Opera of course does not recognize it.

Can I store this proxy's certificate in Opera?

Reply to how to reject server certificates automatically on Fri, 19 Sep 2014 09:34:26 GMT

Deleted User — Fri, 19 Sep 2014 09:34:26 GMT

The certificate for "*.facebook.com" is signed by the unknown Certificate Authority..."

Which Unknown Certificate Authority is shown in case of such popups/unknow certs?

Facebook.com server certifcate is signed by following CAs:
DigiCert High Assurance CA-3
DigiCert High Assurance EV Root CA

Download DIgicerts CA certificates from https://www.digicert.com/digicert-root-certificates.htm these Certificates and add them to certificate store of your OS/Opera.

Beware: all other warnings about certificates may come from injected ads/malware/cracked SSL connections.

Reply to how to reject server certificates automatically on Fri, 19 Sep 2014 07:57:20 GMT

gilgamesh99 — Fri, 19 Sep 2014 07:57:20 GMT

That's true but thing is these popup warnings are a bit more annoying then the "like" buttons on the web pages... :=)

I really don't understand why the remember flag is not working.
I consider it a bug.

Reply to how to reject server certificates automatically on Thu, 18 Sep 2014 15:49:31 GMT

linuxmint7 — Thu, 18 Sep 2014 15:49:31 GMT

This means that in way or another opera forum page is linked with facebook.

Like pretty much most of the web.

What about all those 'Like' buttons or the 'follow us on Facebook' buttons that are plastered all around the internet ?.

Reply to how to reject server certificates automatically on Tue, 24 Oct 2017 09:30:41 GMT

gilgamesh99 — Tue, 24 Oct 2017 09:30:41 GMT

Actually the real question should be "why the webpage is trying to connect to facebook?".
Even if I go to https://forums.opera.com/category/11/opera-for-windows I get the same warning.
This means that in way or another opera forum page is linked with facebook.
Isn't it possible to block these connections?

Reply to how to reject server certificates automatically on Thu, 18 Sep 2014 14:29:33 GMT

gilgamesh99 — Thu, 18 Sep 2014 14:29:33 GMT

Ok, but why the "Remember my choice for this certificate" does not work?

Reply to how to reject server certificates automatically on Thu, 18 Sep 2014 14:11:54 GMT

Deleted User — Thu, 18 Sep 2014 14:11:54 GMT

You should not get such warnings!

Othewrise you are hacked. Or your internet provider wants to crack your secure connection if you are in a country with less privacy and humans rights.

Reply to how to reject server certificates automatically on Thu, 18 Sep 2014 13:58:09 GMT

Deleted User — Thu, 18 Sep 2014 13:58:09 GMT

Opera checks certificates against its Windows Certificate Store.
You cant reject SSL to facebook.com globally.