[Opera 12] cant connect to adamcaudill.com with TLS
-
Deleted User last edited by
I tried to connect to https://adamcaudill.com/ with Opera 12.17. But no chance.
Opera shows:
Unable to complete secure transaction
Secure connection: fatal error (40) from server.
Failed to connect to server. The reason may be that the encryption methods supported by the server are not enabled in the security preferences.
TLS 1.0, 1.1 and 1.2 is enabled.
Can you confirm this?
-
Deleted User last edited by
Seems Opera 12 has problems with Cloudflare secured SSL
WTF!
In Firefox the certificate of the website shows sni67677.cloudflaressl.com als CommonName.But Cloudflare says on https://www.cloudflare.com/ssl:
Introducing Universal SSL
CloudFlare is on a mission to build a better Internet. One of the ways we’re achieving this is by bringing the tools of the Internet giants to everyone. Today, in an effort called Universal SSL, we’re enabling SSL by default for all our customers—even those on our Free plan.
Encrypting as much web traffic as possible to prevent data theft and other tampering is a critical step toward building a safer, better Internet. We’re proud to be the first Internet performance and security company to offer SSL protection at no cost.
The SSL for Free plan customers is completely compatible with all other CloudFlare performance and security features. Free plan SSL service will utilize Elliptic Curve Digital Signature Algorithm (ECDSA) certificates from Comodo or GlobalSign. These certificates will cover both your root domain and first-level subdomains through the use of a wildcard. It may take up to 24 hours to activate. SSL for Free plan users works with these modern browsers which support Server Name Indication (SNI):
Desktop Browsers
Internet Explorer 7 and later
Firefox 2
Opera 8 with TLS 1.1 enabled
Google Chrome:
Supported on Vista and later by default
OS X 10.5.7 in Chrome Version 5.0.342.0 and later
Safari 2.1 and later (requires OS X 10.5.6 and later or Windows Vista and later)Opera from version 8 with TLS 1.1!!!!
I have Opera 12.17 with TLS 1.0, 1.1 and 1.2 enabled.Whats wrong?
-
Deleted User last edited by
Strange certificate!
As to bee seen on https://ssl-tools.net/webservers/adamcaudill.com the server shows more than one Altername Name for sni67677.cloudflaressl.com -
blackbird71 last edited byThere's a lot of confusion currently occurring with website (and browser) attempts to deal with the SSL3 Poodle exploit issue. Not all site-and-browser combinations seem to handle the resulting TLS protocol-shifting handshakes appropriately with each other if SSL3 is being blocked by a browser. Moreover, depending on what a site sniffs the browser to be, it may also react differently, and the end result may not work successfully for that browser used with that site. The net effect seems to be taking browser incompatibility to a whole new level, at least where https is involved.
-
-
Deleted User last edited by
Opera 12 has connection issues with many, many websites secured with Cloudflare certificates. X/
-
blackbird71 last edited by
I think the answer may lie in Cloudflare's use of the Eliptic Curve Digital Signature Algorithm (ECDSA) technique used with the encryption key contained in their newly deploying "Free SSL" certificate system. If the browser doesn't support it, the cert cannot be employed to support https, and hence the browser will cough up a cert error message. See http://blog.cloudflare.com/ecdsa-the-digital-signature-algorithm-of-a-better-internet/ from March 2014:
"... I mentioned earlier that fewer than fifty ECDSA certificate are being used on the web. You can now count https://blog.cloudflare.com among them. If you don't see a lock icon, click here for the HTTPS version of the site. Once you are viewing this site over HTTPS, take a look at the TLS information bar (click on the lock icon in your address bar). You should see the key exchange mechanism listed as ECDHE_ECDSA, which means the certificate is using ECDSA. If the HTTPS version site does not load, your browser probably does not support ECDSA."
I don't believe Presto Opera supports ECDSA... at least, it's not listed in the keys supported for 12.14 via Ctrl+F12 > Advanced > Security > Security Protocols > Details.
-
-
blackbird71 last edited by
The obvious decreasing ability of Presto Opera to function on increasing numbers of https connections will probably be the thing that finally "kills" the Presto Opera version for many of its diehard users. As the universe of exploits against https protocols continues unfolding, there will likely be further changes in the Internet transport protocols and standards, as well as schemes of encryption... and a browser that is no longer being updated simply cannot keep pace. For those using Presto for non-https sites, of course, this by itself will not be a major issue - but a browser that ceases to function for an entire class of browsing is a browser with a major handicap. I know that this whole https/TLS business has become a key factor in my own significant drop in Presto Opera usage in favor of a more modern browser.
