Open nolanl opened 13 years ago
Relying on firefox 'native' exceptions while using convergence is not a good idea because convergence returns its own certificate. The more correct way to get around this is implement fingerprint exceptions in convergence itself. There is a fork at https://github.com/melknin/Convergence that has cache management. It has been discussed a bit in #7, you might want to read that discussion before trying it.
It turns out that there are some security implications to setting the CN field to what FF would like it to be, so we'll have to implement a smooth exception interface built into the FF dialog that renders out instead.
Lots of folks have self-signed certs that they manually added exceptions for, and lots of these certs don't have a correct CN field. This was no problem in the pre-convergence world, but causes cert failures post.