Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But now there is no button "continue", you have to click multiple buttons, which are not clearly labelled, in order to see the page. I'm sure 90% of people would not even be aware that you are able to continue.

Even more, for self-signed certificate on chrome, there is no button to continue for example. Check https://self-signed.badssl.com/



In your example, all I had to do was click advanced then proceed(Chrome on Android)


Ok, on chrome desktop there is no way to bypass the security


Yes, there is. I often have to use it to deal with some internal misconfigured site inside the corporate intranet (the cause is almost always that a certificate has expired, when it isn't it's because a host can be reached with two names and the cert matches only one of them, but that case can be fixed by using the proper URL). I have no trouble telling chrome desktop to bypass.


... and I always read the details before proceeding (finding out what chrome's problem with the cert is).


For some type of errors it is possible, for some other it isn't. Check the badssl website and test the various type of bad certs, you'll see.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: