To my dismay today, I ran into a problem with Firefox 3 Beta 5 on Hardy Heron. Apparently, Mozilla has decided to put the screws to people who sign their own certificates or use certs not issued by their own domain by creating a four step process to bypass the error message. Here is an explanation: http://wiki.mozilla.org/Security:SSLErrorPages
I was attempting to access an APC UPS inside my company’s network (translated If I am subjected to a man-in-the-middle attack, it is no one’s problem but mine and my department’s.) APC signed the cetrificate and I was accessing it by IP address inside my network.
So, explain this one to me Mozilla… Is APC supposed to drop their encryption on their UPS systems or do they just have to pay their employees to rewrite the code so I can go out and buy a certificate for this device? Do I have to register this with my internal dns so it’s easy to remember the way back to it and the students where I work can memorize it’s name?
Perhaps this needs to be removed out of the final version of Firefox 3 and you can write an extension that makes everything break!