Reino Posted May 25, 2022 Posted May 25, 2022 I'm using 'palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod-sse.7z' and I can't seem to visit https://forum.openmpt.org. I'm getting: forum.openmpt.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: SEC_ERROR_UNKNOWN_ISSUER) No problem at all when I visit this website on my smartphone.
AstroSkipper Posted May 25, 2022 Posted May 25, 2022 (edited) 1 hour ago, Reino said: I'm using 'palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod-sse.7z' and I can't seem to visit https://forum.openmpt.org. I'm getting: forum.openmpt.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: SEC_ERROR_UNKNOWN_ISSUER) No problem at all when I visit this website on my smartphone. Using palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod.7z no problems here. This is the certificate you need: Maybe you can import it from another browser or use my for you exported certificate: https://www.mediafire.com/file/iak4kxtgsw6k5r3/openmptorg.crt/file Cheers, AstroSkipper Edited May 25, 2022 by AstroSkipper 1
roytam1 Posted May 25, 2022 Author Posted May 25, 2022 On 5/24/2022 at 3:20 PM, roytam1 said: the problem is in old libstagefright bundled in UXP as it can't find any tracks from that MP4 file. I need to dig upstreams to see if there is a fix for this issue. and a fix is pushed. https://github.com/roytam1/UXP/commit/d9f1118729a59ba99e48e2296bd71c73934a7b62 5
Mathwiz Posted May 26, 2022 Posted May 26, 2022 14 hours ago, Reino said: I'm using 'palemoon-28.10.6a1.win32-git-20220521-d849524bd-uxp-1e871780f-xpmod-sse.7z' and I can't seem to visit https://forum.openmpt.org. I'm getting: forum.openmpt.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: SEC_ERROR_UNKNOWN_ISSUER) No problem at all when I visit this website on my smartphone. Make sure NM 28 isn't configured to go through ProxHTTPSProxyMII or a similar secure proxy. (NM 28 shouldn't need it.) 1
Reino Posted May 26, 2022 Posted May 26, 2022 I don't know what "ProxHTTPSProxyMII" is, but I'm not using a proxy. Never have. Anyway, I don't know what happened, but it appears the problem is somehow gone now. I can now visit https://forum.openmpt.org/ and the certificate is exactly the same as shown by @AstroSkipper. Weird.
AstroSkipper Posted May 26, 2022 Posted May 26, 2022 17 minutes ago, Reino said: I don't know what "ProxHTTPSProxyMII" is, but I'm not using a proxy. Never have. Anyway, I don't know what happened, but it appears the problem is somehow gone now. I can now visit https://forum.openmpt.org/ and the certificate is exactly the same as shown by @AstroSkipper. Weird. Glad it works for you now! In some cases you need a proxy like ProxHTTPSProxy or HTTPSProxy in Windows XP. If you don't know what it is, have a look in my thread: Cheers, AstroSkipper
NotHereToPlayGames Posted May 26, 2022 Posted May 26, 2022 1 hour ago, AstroSkipper said: In some cases you need a proxy like ProxHTTPSProxy or HTTPSProxy in Windows XP. I haven't stumbled into any cases where ProxHTTPSProxy or HTTPSProxy is "needed". I do not use Windows Updates and it seems that's really the only thing where there is a "need".
GrandAdmiralThrawn Posted May 26, 2022 Posted May 26, 2022 I just updated from New Moon 28.10.5a1 to 28.10.6a1 (64-bit on XP x64) and noticed it can now pass the Cloudflare browser check! This is reaaaally helpful for my partly web-based primary workflow, so if anything you did made this work, roytam1, you have my sincere thanks! 2
NotHereToPlayGames Posted May 26, 2022 Posted May 26, 2022 25 minutes ago, GrandAdmiralThrawn said: and noticed it can now pass the Cloudflare browser check! Sweet! I only wish there was a way to get Proxomitron Reborn to pass that Cloudflare check 1
XPerceniol Posted May 26, 2022 Posted May 26, 2022 Hello: @GrandAdmiralThrawn and @NotHereToPlayGames as well as others reading. What am I missing here? I'm not able to pass the Cloudflare check on 360, Serpent, New Moon, or Mypal Please see attached pictures that show I've not a secure connection to 1.1.1.1. Any advice appreciated :)
XPerceniol Posted May 26, 2022 Posted May 26, 2022 https://www.cloudflare.com/ssl/encrypted-sni/ https://www.ghacks.net/2019/04/29/check-if-your-browser-uses-secure-dns-dnssec-tls-1-3-and-encrypted-sni/
NotHereToPlayGames Posted May 26, 2022 Posted May 26, 2022 I'm not referring to Secure DNS (I do not use it and see it as "hype and propaganda"). I'm referring to Cloudflare "fingerprint" tests that some web sites will not let you visit until you demonstrate you are human by clicking on mountains, boats, traffic lights, bikes, et cetera. If you can visit the below website WITHOUT being asked to prove that you are human, then you are PASSING the Cloudflare browser checks. https://raybuck.com/firebird-vs-trans-am-history-trivia/ 1
XPerceniol Posted May 26, 2022 Posted May 26, 2022 1 hour ago, NotHereToPlayGames said: I'm not referring to Secure DNS (I do not use it and see it as "hype and propaganda"). I'm referring to Cloudflare "fingerprint" tests that some web sites will not let you visit until you demonstrate you are human by clicking on mountains, boats, traffic lights, bikes, et cetera. If you can visit the below website WITHOUT being asked to prove that you are human, then you are PASSING the Cloudflare browser checks. https://raybuck.com/firebird-vs-trans-am-history-trivia/ Oh, I see. Yes I just visited that site without being asked anything at all so I guess I'm also good to go. Thank you for your help. 1
VistaLover Posted May 26, 2022 Posted May 26, 2022 (edited) 1 hour ago, NotHereToPlayGames said: If you can visit the below website WITHOUT being asked to prove that you are human, then you are PASSING the Cloudflare browser checks. https://raybuck.com/firebird-vs-trans-am-history-trivia/ A definitive "CloudFlare Browser Check" is trying to log-in to GitLab: https://gitlab.com/users/sign_in BTW, this happens when site admins - who are CF clients - have enabled a feature called "Browser Integrity Check" (BIC) ... CF have recently abolished the CAPTCHA challenges as part of BIC, replacing them with automated checking (JS) scripts, requiring the browser to pass mathematical "challenges"... It was those scripts that were being "racist" towards non-mainstream browsers and thus those browsers (including the UXP ones) were outright denied access to sites CF intend to "protect" from "unwelcome" traffic... 3 hours ago, GrandAdmiralThrawn said: so if anything you did made this work, roytam1, you have my sincere thanks! That CF issue (please search this thread for more details) finally made it to prominent web sites/forums, not to mention the "loud voices" of some Pale Moon users (to which we owe big thanks ) on CF's Community Forums, so it had to be acknowledged and acted upon by real CF devs... It was "them" who fixed it for us (but some more "obscure" web browsers, like the Qt-based Otter Browser, are reported to still suffer from this "racism" ) ... OT: @Dave-H : Do you, hopefully, know what happened to https://thedndsanctuary.eu/ that used to post invaluable info about the Otter Browser ? Edited May 26, 2022 by VistaLover 3
UCyborg Posted May 26, 2022 Posted May 26, 2022 1 hour ago, NotHereToPlayGames said: Sweet! I only wish there was a way to get Proxomitron Reborn to pass that Cloudflare check Yeah, I wonder what's the deal here. At first, I thought it just acts as simple passthrough when no rules are applied, but it's not, sites will detect and block it if they desire. Some company's website acting as a gateway to their network I came across said plainly that I'm using a proxy and can't enter. Even Google image search doesn't work properly, get some CSP errors in the console when trying to view individual image. I use proxy.pac to get the browser to connect via proxy only to hosts for which I use Proxomitron. I don't need it for any site that actually blocks it.
Recommended Posts