NotHereToPlayGames Posted yesterday at 10:45 AM Posted yesterday at 10:45 AM 12 minutes ago, j7n said: Where do SSL certificates in Supermium come from? I haven't had a need to run any updaters, and I don't update my Windows. Good question! All Chrome-based browsers use WINDOWS'S "cert store". But I also *never* "update" Windows. But I've also *never* encountered "expired" certificates. And I'm also "deadset against" any (including those found at MSFN) "certificate updaters" (cause more harm than good). So yeah, good question, it would seem that my usage (and it sounds like yours too) would &/or should bump into "expired" certs - but again, I never have. In the past, for me at least, that was because I *created my own* certificate for PROXOMITRON and the browser only relied on that certificate. But I dropped Proxomitron in favor of all userscripts and userstyles about a year and a half ago (too many Cloudflare issues that requires Proxomitron [Reborn] to be bypassed). My gut reaction answer was that maybe certs are good for too long into the future so I've never hit an expiration. But MSFN's cert shows only THREE MONTHS between release date and expiration date. This Win10 install is WAY older than that! With no Windows Updates allowed! But no cert error here at MSFN. Sorry, none of that is really an "answer", per se, but adds intrigue to your question. Hmm... 1
j7n Posted yesterday at 02:42 PM Posted yesterday at 02:42 PM What matters on MSFN is the duration of the root certificate that the website's certificate is linked to. Many sites supply their own certificates that are linked to a trusted authority. ISRG Root X2 is valid until september 2040. Root YE is valid until september 2032, and YE2 until september 2028. 1
VistaLover Posted yesterday at 05:46 PM Posted yesterday at 05:46 PM 6 hours ago, j7n said: Where do SSL certificates in Supermium come from 6 hours ago, NotHereToPlayGames said: All Chrome-based browsers use WINDOWS'S "cert store". That last statement has been only PARTIALLY true, or even completely FALSE (based on a user setting), since a great-many number of past Chromium versions; since the "mid-50's", shortly after XP/Vista support went away, Chromium also comes with its own Certificate Store, a la Firefox; the OS cert store can be used as a supplement, too, or completely disabled; I'm too lazy now to search for the very first Chrome version that bundled its own cert store, but as the question involves (recent) Supermium, here's some "enlightening" pictures of Supermium's own CertManager: "localcerts" are the ones imported from the OS CertStore; they can be made available to Supermium, or completely ignored, as per my setting in the picture above ... "crscerts" are Supermium's own CertStore root certificates; there's even the ability to export the store to a PEM file, but NOT import a cert from other sources... 6 hours ago, NotHereToPlayGames said: But MSFN's cert shows only THREE MONTHS between release date and expiration date. Site certs are actually "server" certs; these have to be verified against a cert-chain, possibly involving also "intermediate" certs stored transiently in the store, whose end is always a Root Certificate stored in either the browser's store or the OS store; when server certs expire, the server owner has to renew them with new ones issued by a Certificate Authority (paid-for or free, like "Let's Encrypt"); root certs have very long validity durations and when they expire, it's up to the browser or OS vendor to renew them; also, some root certs sometimes get revoked (because of them having been compromised), so the cert store, be it in a browser or the OS. has to be properly "maintained"; "legacy" WinOSes, no longer supported by MS, usually have stale OS cert stores, so these should either be manually updated somehow , or the user should, instead. turn to apps with their own, maintained, root cert stores ... 1
Dave-H Posted 20 hours ago Posted 20 hours ago Going back to a previous discussion, people might be interested to know that the latest release of Supermium includes an editor for the UA string and Client Hints, which may be useful. It's a standalone program, not built into the browser. https://github.com/win32ss/supermium/releases/download/v144-4/supermium_uao.zip
Dave-H Posted 19 hours ago Posted 19 hours ago Of course I've now found that it doesn't work on Windows XP!
NotHereToPlayGames Posted 19 hours ago Posted 19 hours ago It needs improved. It doesn't really replace the original CH, it "appends" to them. The red arrow is the "original" (the tool DOES change the version, but not the brand). The blue arrow is the tool's "custom" entries. This THREE ENTRY brand isn't "normal", I *think* (but not sure) that most javascript that "reads" this line will only see the ORIGINAL, it will never see that THIRD "appended" entry that follows. 1
NotHereToPlayGames Posted 18 hours ago Posted 18 hours ago 47 minutes ago, Dave-H said: Of course I've now found that it doesn't work on Windows XP! I didn't look into it that far (will need to wait for another day). But I suspect that for those of us with access to newer-than-XP, we can run it in that, and just copy a file over to XP. That would be my guess, but I didn't look into it. It is writing that info to "something", .ini, .dat, .bin, .txt, config file without extension, "something". Safe assumption because it DOES ASK if you want to OVERWRITE when you make changes and click the save.
VistaLover Posted 17 hours ago Posted 17 hours ago 2 hours ago, Dave-H said: the latest release of Supermium includes an editor for the UA string and Client Hints, which may be useful. It's a standalone program, not built into the browser. FWIW, this tool has existed since Oct 2024 (!), but was being offered exclusively to Patreon paid-subscription members : https://www.patreon.com/posts/supermium-uach-113234339 (... and it does work under Vista SP2 32-bit ) @NotHereToPlayGames , have you read this ? 1
NotHereToPlayGames Posted 17 hours ago Posted 17 hours ago 7 minutes ago, VistaLover said: have you read this ? yep, thanks
jumper Posted 17 hours ago Posted 17 hours ago (edited) 2 hours ago, Dave-H said: Of course I've now found that it doesn't work on Windows XP! https://learn.microsoft.com/en-us/windows/win32/api/winnls/nf-winnls-lcmapstringex : Quote LCMapStringEx function (winnls.h) [...] Note The application should call this function in preference to LCMapString if designed to run only on Windows Vista and later. LCMapStringEx is a z9e. LCMapStringW is a z6e with identical first six parameters, so might work. After substituting with ImportPatcher, loads and immediately runs into an Illegal Instruction (SSE+) on my Pentium 2 / 98fe with KernelEx in XP mode. Edited 17 hours ago by jumper inserted "my Pentium 2 /" 1
user57 Posted 11 hours ago Posted 11 hours ago 7 hours ago, NotHereToPlayGames said: It needs improved. It doesn't really replace the original CH, it "appends" to them. The red arrow is the "original" (the tool DOES change the version, but not the brand). The blue arrow is the tool's "custom" entries. This THREE ENTRY brand isn't "normal", I *think* (but not sure) that most javascript that "reads" this line will only see the ORIGINAL, it will never see that THIRD "appended" entry that follows. https://ibb.co/s9GjRTzb so far good job, as suspected these are often the same values and are connected to each others - also as expected unlike the plugin the source code often change both up the 3 in brands are snipped together you can definatly tell - this not a brand maybe needs a small rework as it dont show something like "8" to me it shows version 99 (but i have a unchanged official chrome 109 on that windows 7 machine) that not a brand apears again in sec-ch-us-full-version-list again with a oddly weird version of "8 " Sec-CH-UA-Platform-Version also shows me "0.1.0" not 10.0.0 - i dont know if thats a normal value either for supermium or that chrome browser i use (it might be bugged - but i can say its unchanged) so i would say finding what makes that value 8 is the only missing thing at the moment the legacy string you have not shown us, maybe that one is imperfect but so far again - well job
NotHereToPlayGames Posted 7 hours ago Posted 7 hours ago You don't "need" that tool. All it does is create ONE FILE in your profile directory and Supermium looks for that file. It is called "uao" without any dot-extension. Basically follows this format: 1
Dave-H Posted 6 hours ago Posted 6 hours ago 11 hours ago, VistaLover said: FWIW, this tool has existed since Oct 2024 (!), but was being offered exclusively to Patreon paid-subscription members : https://www.patreon.com/posts/supermium-uach-113234339 (... and it does work under Vista SP2 32-bit ) @NotHereToPlayGames , have you read this ? Thanks, that's interesting! 1 hour ago, NotHereToPlayGames said: You don't "need" that tool. All it does is create ONE FILE in your profile directory and Supermium looks for that file. It is called "uao" without any dot-extension. Basically follows this format: That's good. As you said earlier, presumably I can just make any changes I need on the 64-bit Windows 10 version, and then copy the generated file to the 32-bit Windows XP version. 1
user57 Posted 5 hours ago Posted 5 hours ago 2 hours ago, NotHereToPlayGames said: You don't "need" that tool. All it does is create ONE FILE in your profile directory and Supermium looks for that file. It is called "uao" without any dot-extension. Basically follows this format: only one thing is missing then, in "Not_A Brand" there is a last version at the end, it has a 8 there
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now