Unable to connect with anything. Possibly due to the certificate

Barre / privaxy

Privaxy is the next generation tracker and advertisement blocker. It blocks ads and trackers by MITMing HTTP(s) traffic. Also check out my new project, https://www.merklemap.com/

https://www.merklemap.com/

GNU Affero General Public License v3.0

2.36k stars 103 forks source link

Unable to connect with anything. Possibly due to the certificate #86

Closed Lippiece closed 1 year ago

Lippiece commented 1 year ago

As per README in /usr/share/ca-certificates:

``` 7 │ QUICK HELP: To add a certificate in the simple PEM or DER file formats to the 8 │ list of CAs trusted on the system: 9 │ 10 │ Copy it to the 11 │ /usr/share/ca-certificates/trust-source/anchors/ 12 │ subdirectory, and run the 13 │ update-ca-trust 14 │ command. ```

I've done that, and also tried /etc/ca-certificates, but I'm unable to connect to anything.

When not importing the certificate into Firefox, it says MOZILLA_PKIX_ERROR_MITM_DETECTED:

![image](https://github.com/Barre/privaxy/assets/47634624/2cb2ca0a-a3e6-40b1-a0b4-117615f2a155)

When importing, it says BAD_SIGNATURE:

![image](https://github.com/Barre/privaxy/assets/47634624/e850600a-34dd-45b6-b2eb-b2a18da8b60e)

Barre commented 1 year ago

Hi,

https://support.mozilla.org/en-US/kb/error-codes-secure-websites

Lippiece commented 1 year ago

Hi,

https://support.mozilla.org/en-US/kb/error-codes-secure-websites

The suggestions provided for when the problem occurs in multiple sites are:

Antivirus: reinstall or use steps for specific product -- not the case. or at least tell why privaxy could cause certificate issues.
Monitoring/filtering in corporate networks: address your IT department -- thats_why_im_here.jpg.
Malware: deal with the malware -- I assume privaxy is not a malware.

Please reopen the issue. I'd be happy to provide any info to resolve this.

Barre commented 1 year ago

You need to make sure the Privaxy certificate is trusted, can you show a screenshot of your firefox configuration?

Lippiece commented 1 year ago

You need to make sure the Privaxy certificate is trusted, can you show a screenshot of your firefox configuration?

Do you mean settings? Should I screenshot all the pages?

Mishra-Suraj commented 1 year ago

@Lippiece Follow these steps and let me know if they work. I know the thread is closed but I had to tinker around to find a solution.

sudo trust anchor --store ./where_you_have_the_certificate/privaxy_ca_cert.pem
sudo update-ca-trust
Make sure privaxy is running and you have the filters applied.
Go to settings and search for certificates and look for this -
If you see it, then lastly check if you have set up your OS redirecting your connection through local proxy at localhost:8100