MozillaZine

Browser.xul.error pages.expert bad cert

From MozillaZine Knowledge Base

The title given to this article is incorrect due to technical limitations. The correct title is browser.xul.error_pages.expert_bad_cert.

This article describes the preference browser.xul.error_pages.expert_bad_cert. To add, delete, or modify this preference, you will need to edit your configuration — do not edit this article.

Contents

[edit]

Background

Firefox 3 comes with new invalid SSL certificate handling behavior, aimed at making it harder to accidentally or unconsciously accept a bad certificate. While benefiting the novice-to-intermediate user in terms of security, it can be a hindrance to advanced users who frequently encounter self-signed certificates. This preference enables some extra UI on the SSL error page that makes it easier to accept an invalid certificate.

[edit]

Possible values and their effects

[edit]

True

Unhide the “add exception” button on the SSL error page, allowing users to directly accept a bad certificate.

[edit]

False

Hide the advanced UI, requiring users to click through explanatory dialogs before adding an exception. (Default)

[edit]

Recommended settings

In most cases, this preference should be left as true. Only change it if you are familiar both with how SSL certificates work and the sites you plan to add as exceptions.

If you set this preference to false, you may also want to set browser.ssl_override_behavior to 2 to pre-fetch the certificate.

[edit]

First checked in

2008-05-02 by Daniel Veditz

[edit]

Has an effect in

  • Firefox (nightly builds since 2008-05-02)
[edit]

Related bugs

[edit]

Related preferences

Retrieved from "http://kb.mozillazine.org/Browser.xul.error_pages.expert_bad_cert"