You are not logged in.
Today when I tried to connect to https://bbs.archlinux.org/ using Firefox, which has been fine before today, the page did not connect, but instead gave a security warning "Did Not Connect: Potential Security Issue" with the text:
Firefox detected a potential security threat and did not continue to bbs.archlinux.org because this web site requires a secure connection.
What can you do about it?
bbs.archlinux.org has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site.
The issue is most likely with the web site, and there is nothing you can do to resolve it.
So instead I have had to connect using Chrome, which worked fine. Does anyone know whether there has been a change on the arch forum web site that has led to this loss of ability to connect using Firefox? I do have strict browser tracking set in Firefox but presumably that isn't the problem?
Edit: I did some googling and it seems this was due to HSTS Strict Security - but I found that by removing the cookie within Firefox for the arch forum site, and reloading the forum page, it all worked fine again. So this is resolved.
Last edited by mcloaked (2021-06-17 10:33:02)
Mike C
Offline
Mod note: moving to Forum and Wiki
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Offline
For me, this issue still persists, even after deleting the cookies for the domain archlinux.org.
Aaaaand, it's gone. o.O
Last edited by schard (2021-06-17 10:37:45)
Inofficial first vice president of the Rust Evangelism Strike Force
Online
No idea what firefox is doing. It should be trusted...
https://censys.io/certificates/84818282 … 440AF345FF
https://censys.io/certificates/730c1bdc … 54224dad3b
https://www.ssllabs.com/ssltest/analyze … hlinux.org
For some reason I already have an exception for the arch certificate, so I did not get a warning, only an exclamation mark on the ssl symbol.
I did not get an HSTS error either.
Edit: The not trusted status / excpetion just cleared itself, I have a normal certificate again.
Maybe one of the OCSP servers or so had problems and firefox did not like that?
Last edited by progandy (2021-06-17 10:40:48)
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline