Ignore Untrusted Certificates

Discussions and Tech Support related to the iMacros Firefox Add-on, including the built-in Javascript scripting interface for playing .js files.
Forum rules
Before asking a question or reporting an issue:
1. Please review the list of FAQ's.
2. Use the search box (at the top of each forum page) to see if a similar problem or question has already been addressed.
3. Try searching the iMacros Wiki - it contains the complete iMacros reference as well as plenty of samples and tutorials.
4. We can respond much faster to your posts if you include the following information:CLICK HERE FOR IMPORTANT INFORMATION TO INCLUDE IN YOUR POST
Post Reply
natesreich
Posts: 8
Joined: Wed Oct 29, 2014 3:30 am

Ignore Untrusted Certificates

Post by natesreich » Sun Apr 08, 2018 9:34 pm

Configuration:
- iMacros 9.0.3
- Firefox 48.0
- Windows 10

Issue:
When using some proxies, I get a SEC_ERROR_UNKNOWN_ISSUER error in Firefox on secure pages. How can I prevent this?

With Selenium, it seems fairly straightforward by setting "acceptInsecureCerts" capability: https://stackoverflow.com/questions/168 ... g-selenium

Is there something similar with iMacros? I have tried everything to disable the error from within Firefox to no avail.
thecoder2012
Posts: 248
Joined: Sat Aug 15, 2015 5:14 pm
Location: Internet
Contact:

Re: Ignore Untrusted Certificates

Post by thecoder2012 » Mon Apr 09, 2018 1:19 am

natesreich wrote:Is there something similar with iMacros? I have tried everything to disable the error from within Firefox to no avail.
You can try this Firefox addon: https://addons.mozilla.org/en-US/firefo ... ert-error/
Join 9kw.eu Captcha Service now and let your iMacros continue downloads and scripts while you sleep. - Custom iMacros? Contact me!
natesreich
Posts: 8
Joined: Wed Oct 29, 2014 3:30 am

Re: Ignore Untrusted Certificates

Post by natesreich » Mon Apr 09, 2018 2:05 am

thecoder2012 wrote:
natesreich wrote:Is there something similar with iMacros? I have tried everything to disable the error from within Firefox to no avail.
You can try this Firefox addon: https://addons.mozilla.org/en-US/firefo ... ert-error/
Thank you for the quick reply.

I tested the add-on, but it didn't work for any of the options in https://badssl.com/

The add-on's page does say that the project was discontinued.

Any other options?
thecoder2012
Posts: 248
Joined: Sat Aug 15, 2015 5:14 pm
Location: Internet
Contact:

Re: Ignore Untrusted Certificates

Post by thecoder2012 » Mon Apr 09, 2018 4:37 am

natesreich wrote:Any other options?
I think not really without recompile the browser, make your own addon or start your browser with selenium or (proxy) tools like fiddler.

I have tested Skip Cert Error with Pale Moon 27.6.2 but I think it's not for your case enough. Because it's more like add cert exception without user clicks in the current page.
This Firefox extension enables skipping the SSL/TLS certificate error page, for specific configurable conditions, like self-signed cert or unknown issuer, by adding a temporary exception.
Few ideas:
https://www.telerik.com/fiddler (local proxy with auto cert for websites, activate the option for https, import fiddler cert in your browser) 8)
how-to-disable-this-connection-is-untrusted-certificate-in-firefox
firefox-addon-sdk-setting-an-ssl-certificate-for-https-requests(Make your own addon)
how-can-i-get-the-ssl-certificate-info-for-the-current-page-in-a-firefox-add-o
read-ssl-certificates-in-a-firefox-extension
firefox-sdk-monitoring-http-response
How_to_check_the_secruity_state_of_an_XMLHTTPRequest_over_SSL
selenium-testing-https-trust-all-certificates-working-for-ff-but-not-ie
how-to-accept-self-signed-ssl-certificates-in-selenium.html

Other addon is remember certificate except but I think it's not enough for your case.
See https://addons.mozilla.org/en-US/firefo ... te-except/ (same to Skip Cert Error)
- auto-click 'Or you can add an exception' link
- auto-click 'Add Exception' button
- auto-click 'Get Certificate' button
- auto-click 'Confirm Security Exception' button
- auto-reload ssl page
Join 9kw.eu Captcha Service now and let your iMacros continue downloads and scripts while you sleep. - Custom iMacros? Contact me!
chivracq
Posts: 8195
Joined: Sat Apr 13, 2013 1:07 pm
Location: Amsterdam (NL)

Re: Ignore Untrusted Certificates

Post by chivracq » Mon Apr 09, 2018 7:41 am

natesreich wrote:Configuration:

Code: Select all

- iMacros 9.0.3
- Firefox 48.0
- Windows 10
Issue:
When using some proxies, I get a SEC_ERROR_UNKNOWN_ISSUER error in Firefox on secure pages. How can I prevent this?

With Selenium, it seems fairly straightforward by setting "acceptInsecureCerts" capability: https://stackoverflow.com/questions/168 ... g-selenium

Is there something similar with iMacros? I have tried everything to disable the error from within Firefox to no avail.
thecoder2012 wrote:
natesreich wrote:Is there something similar with iMacros? I have tried everything to disable the error from within Firefox to no avail.
You can try this Firefox addon: https://addons.mozilla.org/en-US/firefo ... ert-error/
natesreich wrote:
thecoder2012 wrote:
natesreich wrote:Is there something similar with iMacros? I have tried everything to disable the error from within Firefox to no avail.
You can try this Firefox addon: https://addons.mozilla.org/en-US/firefo ... ert-error/
Thank you for the quick reply.

I tested the add-on, but it didn't work for any of the options in https://badssl.com/

The add-on's page does say that the project was discontinued.

Any other options?
thecoder2012 wrote:
natesreich wrote:Any other options?
I think not really without recompile the browser, make your own addon or start your browser with selenium or (proxy) tools like fiddler.

I have tested Skip Cert Error with Pale Moon 27.6.2 but I think it's not for your case enough. Because it's more like add cert exception without user clicks in the current page.
This Firefox extension enables skipping the SSL/TLS certificate error page, for specific configurable conditions, like self-signed cert or unknown issuer, by adding a temporary exception.
Few ideas:
https://www.telerik.com/fiddler (local proxy with auto cert for websites, activate the option for https, import fiddler cert in your browser) 8)
how-to-disable-this-connection-is-untrusted-certificate-in-firefox
firefox-addon-sdk-setting-an-ssl-certificate-for-https-requests(Make your own addon)
how-can-i-get-the-ssl-certificate-info-for-the-current-page-in-a-firefox-add-o
read-ssl-certificates-in-a-firefox-extension
firefox-sdk-monitoring-http-response
How_to_check_the_secruity_state_of_an_XMLHTTPRequest_over_SSL
selenium-testing-https-trust-all-certificates-working-for-ff-but-not-ie
how-to-accept-self-signed-ssl-certificates-in-selenium.html

Other addon is remember certificate except but I think it's not enough for your case.
See https://addons.mozilla.org/en-US/firefo ... te-except/ (same to Skip Cert Error)
- auto-click 'Or you can add an exception' link
- auto-click 'Add Exception' button
- auto-click 'Get Certificate' button
- auto-click 'Confirm Security Exception' button
- auto-reload ssl page
Hum, wanted to post in the Thread, but hum-hum, @OP, you never followed up in any of your 3 previous Threads or finished any with a Sol to make them a bit useful for other Users, even if you now neatly mention your FCI, I only had to ask once, good...!
(But not following up on their previous Threads is always a bit of a "Show-killer" for me to want to (try to) help Users (again)... => Maybe an "Idea" to finish those 3 Threads a bit "correctly"...?)

:arrow: Interesting Qt anyway, I honestly don't know much about Certs myself, funny/strange we get several related/similar Threads on the Forum the last few weeks..., could I get some URL posted about some Site that will trigger such a Cert Pop-up (+ Proxy Info if needed) if I want to have a look...?

Based on the (2nd) Sol @OP linked to on SOF, I would already have a "Creative" Sol I think, by simply creating and maintaining your own Cert locally which probably is a simple '.TXT' File and that could be accessed and edited with some new Entry on the fly from the iMacros '.iim' Script..., I "suspect" after a Cert File has been added to the "Trusted" Entities/Authorities, that FF won't go checking its "Integrity" anymore, and you can probably "mess" with it, ah-ah...!, I use a similar Mechanism myself for Dynamic (Temp) DataSources and even auto-morphing ('.iim') Macros, with a Conditional Reload of the Site if needed, after the Cert File has been edited / new Exception added...

I had a look at 'about:config' (PM v26.3.3) and didn't see any direct/evident Solution indeed... :cry:

Hum, @thecoder2012, I'm "starting" to like you (a bit :oops: ), ah-ah...! :shock:
=>A big Compliment for the Quality of your Answers in the last few weeks... (even if I don't support helping Users about Captcha, but OK, that's your "Business", fair enough..., and nice from you that you (now) answer other Threads as well that are not (only) related to Captcha...). :D
- (F)CIM = (Full) Config Info Missing: iMacros + Browser + OS with all 3 Versions...
- I usually don't even read the Question if that (required) Info is not mentioned...
- Script & URL usually help a lot for a more "educated" Help...
thecoder2012
Posts: 248
Joined: Sat Aug 15, 2015 5:14 pm
Location: Internet
Contact:

Re: Ignore Untrusted Certificates

Post by thecoder2012 » Mon Apr 09, 2018 2:50 pm

chivracq wrote:I had a look at 'about:config' (PM v26.3.3) and didn't see any direct/evident Solution indeed... :cry:
Not longer. I mean in the old versions was it possible. But PM (v27.6.2) has a little more options than FF.
chivracq wrote:Hum, @thecoder2012, I'm "starting" to like you (a bit :oops: ), ah-ah...! :shock:
=>A big Compliment for the Quality of your Answers in the last few weeks... (even if I don't support helping Users about Captcha, but OK, that's your "Business", fair enough..., and nice from you that you (now) answer other Threads as well that are not (only) related to Captcha...). :D
Thanks! I hope iMacros for Firefox has good updates in the future.
Join 9kw.eu Captcha Service now and let your iMacros continue downloads and scripts while you sleep. - Custom iMacros? Contact me!
natesreich
Posts: 8
Joined: Wed Oct 29, 2014 3:30 am

Re: Ignore Untrusted Certificates

Post by natesreich » Mon Apr 09, 2018 3:20 pm

chivracq wrote:Hum, wanted to post in the Thread, but hum-hum, @OP, you never followed up in any of your 3 previous Threads or finished any with a Sol to make them a bit useful for other Users, even if you now neatly mention your FCI, I only had to ask once, good...!
(But not following up on their previous Threads is always a bit of a "Show-killer" for me to want to (try to) help Users (again)... => Maybe an "Idea" to finish those 3 Threads a bit "correctly"...?)
I am sorry, but I actually didn't have a solution for the previous threads. I just gave up. :(
chivracq wrote: :arrow: Interesting Qt anyway, I honestly don't know much about Certs myself, funny/strange we get several related/similar Threads on the Forum the last few weeks..., could I get some URL posted about some Site that will trigger such a Cert Pop-up (+ Proxy Info if needed) if I want to have a look...?
Sure, try any of the examples here: https://badssl.com/
chivracq wrote: Based on the (2nd) Sol @OP linked to on SOF, I would already have a "Creative" Sol I think, by simply creating and maintaining your own Cert locally which probably is a simple '.TXT' File and that could be accessed and edited with some new Entry on the fly from the iMacros '.iim' Script..., I "suspect" after a Cert File has been added to the "Trusted" Entities/Authorities, that FF won't go checking its "Integrity" anymore, and you can probably "mess" with it, ah-ah...!, I use a similar Mechanism myself for Dynamic (Temp) DataSources and even auto-morphing ('.iim') Macros, with a Conditional Reload of the Site if needed, after the Cert File has been edited / new Exception added...
Interesting approach. I imagine you would get !URLCURRENT and then override the certificate file.

But, what if the proxy is loading secure elements from other domains inside the URL being accessed? In that case, this approach wouldn't work since the proxy would be triggering an error for all SSL elements.

I wonder if there's a way to achieve this with Greasemonkey?
thecoder2012
Posts: 248
Joined: Sat Aug 15, 2015 5:14 pm
Location: Internet
Contact:

Re: Ignore Untrusted Certificates

Post by thecoder2012 » Tue Apr 10, 2018 7:48 pm

natesreich wrote:But, what if the proxy is loading secure elements from other domains inside the URL being accessed?
Possible but not with every proxy. Only proxies like fiddler and similar with decrypted https and new root cert in your browser. (=security risk!)
natesreich wrote:In that case, this approach wouldn't work since the proxy would be triggering an error for all SSL elements.
Then has your proxy only https redirect support, nothing else. See https://www.fiddlerbook.com/fiddler/hel ... yption.asp
natesreich wrote:I wonder if there's a way to achieve this with Greasemonkey?
I think no. It's same to iMacros (v8.9.7) with Javascript. Low-level API in FF or complicated addon, maybe.
Fastest way without enough knowledge (or time) with all domains is an local proxy like fiddler with activated https (cert) and imported (fiddler) root cert in your browser.
Join 9kw.eu Captcha Service now and let your iMacros continue downloads and scripts while you sleep. - Custom iMacros? Contact me!
Post Reply