Reino Posted May 25, 2022 Share Posted May 25, 2022 I'm using 'palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod-sse.7z' and I can't seem to visit https://forum.openmpt.org. I'm getting: forum.openmpt.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: SEC_ERROR_UNKNOWN_ISSUER) No problem at all when I visit this website on my smartphone. Link to comment Share on other sites More sharing options...
AstroSkipper Posted May 25, 2022 Share Posted May 25, 2022 (edited) 1 hour ago, Reino said: I'm using 'palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod-sse.7z' and I can't seem to visit https://forum.openmpt.org. I'm getting: forum.openmpt.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: SEC_ERROR_UNKNOWN_ISSUER) No problem at all when I visit this website on my smartphone. Using palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod.7z no problems here. This is the certificate you need: Maybe you can import it from another browser or use my for you exported certificate: https://www.mediafire.com/file/iak4kxtgsw6k5r3/openmptorg.crt/file Cheers, AstroSkipper Edited May 25, 2022 by AstroSkipper 1 Link to comment Share on other sites More sharing options...
roytam1 Posted May 25, 2022 Author Share Posted May 25, 2022 On 5/24/2022 at 3:20 PM, roytam1 said: the problem is in old libstagefright bundled in UXP as it can't find any tracks from that MP4 file. I need to dig upstreams to see if there is a fix for this issue. and a fix is pushed. https://github.com/roytam1/UXP/commit/d9f1118729a59ba99e48e2296bd71c73934a7b62 4 Link to comment Share on other sites More sharing options...
Mathwiz Posted May 26, 2022 Share Posted May 26, 2022 14 hours ago, Reino said: I'm using 'palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod-sse.7z' and I can't seem to visit https://forum.openmpt.org. I'm getting: forum.openmpt.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: SEC_ERROR_UNKNOWN_ISSUER) No problem at all when I visit this website on my smartphone. Make sure NM 28 isn't configured to go through ProxHTTPSProxyMII or a similar secure proxy. (NM 28 shouldn't need it.) 1 Link to comment Share on other sites More sharing options...
Reino Posted May 26, 2022 Share Posted May 26, 2022 I don't know what "ProxHTTPSProxyMII" is, but I'm not using a proxy. Never have. Anyway, I don't know what happened, but it appears the problem is somehow gone now. I can now visit https://forum.openmpt.org/ and the certificate is exactly the same as shown by @AstroSkipper. Weird. Link to comment Share on other sites More sharing options...
AstroSkipper Posted May 26, 2022 Share Posted May 26, 2022 17 minutes ago, Reino said: I don't know what "ProxHTTPSProxyMII" is, but I'm not using a proxy. Never have. Anyway, I don't know what happened, but it appears the problem is somehow gone now. I can now visit https://forum.openmpt.org/ and the certificate is exactly the same as shown by @AstroSkipper. Weird. Glad it works for you now! In some cases you need a proxy like ProxHTTPSProxy or HTTPSProxy in Windows XP. If you don't know what it is, have a look in my thread: Cheers, AstroSkipper Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted May 26, 2022 Share Posted May 26, 2022 1 hour ago, AstroSkipper said: In some cases you need a proxy like ProxHTTPSProxy or HTTPSProxy in Windows XP. I haven't stumbled into any cases where ProxHTTPSProxy or HTTPSProxy is "needed". I do not use Windows Updates and it seems that's really the only thing where there is a "need". Link to comment Share on other sites More sharing options...
GrandAdmiralThrawn Posted May 26, 2022 Share Posted May 26, 2022 I just updated from New Moon 28.10.5a1 to 28.10.6a1 (64-bit on XP x64) and noticed it can now pass the Cloudflare browser check! This is reaaaally helpful for my partly web-based primary workflow, so if anything you did made this work, roytam1, you have my sincere thanks! 2 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted May 26, 2022 Share Posted May 26, 2022 25 minutes ago, GrandAdmiralThrawn said: and noticed it can now pass the Cloudflare browser check! Sweet! I only wish there was a way to get Proxomitron Reborn to pass that Cloudflare check 1 Link to comment Share on other sites More sharing options...
XPerceniol Posted May 26, 2022 Share Posted May 26, 2022 Hello: @GrandAdmiralThrawn and @NotHereToPlayGames as well as others reading. What am I missing here? I'm not able to pass the Cloudflare check on 360, Serpent, New Moon, or Mypal Please see attached pictures that show I've not a secure connection to 1.1.1.1. Any advice appreciated :) Link to comment Share on other sites More sharing options...
XPerceniol Posted May 26, 2022 Share Posted May 26, 2022 https://www.cloudflare.com/ssl/encrypted-sni/ https://www.ghacks.net/2019/04/29/check-if-your-browser-uses-secure-dns-dnssec-tls-1-3-and-encrypted-sni/ Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted May 26, 2022 Share Posted May 26, 2022 I'm not referring to Secure DNS (I do not use it and see it as "hype and propaganda"). I'm referring to Cloudflare "fingerprint" tests that some web sites will not let you visit until you demonstrate you are human by clicking on mountains, boats, traffic lights, bikes, et cetera. If you can visit the below website WITHOUT being asked to prove that you are human, then you are PASSING the Cloudflare browser checks. https://raybuck.com/firebird-vs-trans-am-history-trivia/ 1 Link to comment Share on other sites More sharing options...
XPerceniol Posted May 26, 2022 Share Posted May 26, 2022 1 hour ago, NotHereToPlayGames said: I'm not referring to Secure DNS (I do not use it and see it as "hype and propaganda"). I'm referring to Cloudflare "fingerprint" tests that some web sites will not let you visit until you demonstrate you are human by clicking on mountains, boats, traffic lights, bikes, et cetera. If you can visit the below website WITHOUT being asked to prove that you are human, then you are PASSING the Cloudflare browser checks. https://raybuck.com/firebird-vs-trans-am-history-trivia/ Oh, I see. Yes I just visited that site without being asked anything at all so I guess I'm also good to go. Thank you for your help. 1 Link to comment Share on other sites More sharing options...
VistaLover Posted May 26, 2022 Share Posted May 26, 2022 (edited) 1 hour ago, NotHereToPlayGames said: If you can visit the below website WITHOUT being asked to prove that you are human, then you are PASSING the Cloudflare browser checks. https://raybuck.com/firebird-vs-trans-am-history-trivia/ A definitive "CloudFlare Browser Check" is trying to log-in to GitLab: https://gitlab.com/users/sign_in BTW, this happens when site admins - who are CF clients - have enabled a feature called "Browser Integrity Check" (BIC) ... CF have recently abolished the CAPTCHA challenges as part of BIC, replacing them with automated checking (JS) scripts, requiring the browser to pass mathematical "challenges"... It was those scripts that were being "racist" towards non-mainstream browsers and thus those browsers (including the UXP ones) were outright denied access to sites CF intend to "protect" from "unwelcome" traffic... 3 hours ago, GrandAdmiralThrawn said: so if anything you did made this work, roytam1, you have my sincere thanks! That CF issue (please search this thread for more details) finally made it to prominent web sites/forums, not to mention the "loud voices" of some Pale Moon users (to which we owe big thanks ) on CF's Community Forums, so it had to be acknowledged and acted upon by real CF devs... It was "them" who fixed it for us (but some more "obscure" web browsers, like the Qt-based Otter Browser, are reported to still suffer from this "racism" ) ... OT: @Dave-H : Do you, hopefully, know what happened to https://thedndsanctuary.eu/ that used to post invaluable info about the Otter Browser ? Edited May 26, 2022 by VistaLover 3 Link to comment Share on other sites More sharing options...
UCyborg Posted May 26, 2022 Share Posted May 26, 2022 1 hour ago, NotHereToPlayGames said: Sweet! I only wish there was a way to get Proxomitron Reborn to pass that Cloudflare check Yeah, I wonder what's the deal here. At first, I thought it just acts as simple passthrough when no rules are applied, but it's not, sites will detect and block it if they desire. Some company's website acting as a gateway to their network I came across said plainly that I'm using a proxy and can't enter. Even Google image search doesn't work properly, get some CSP errors in the console when trying to view individual image. I use proxy.pac to get the browser to connect via proxy only to hosts for which I use Proxomitron. I don't need it for any site that actually blocks it. Link to comment Share on other sites More sharing options...
Recommended Posts