ability to accept expired/self-signed certificates

[ajacocks]

I'd like to be able to get to sites with expired, self-signed, or other non-compliant SSL certificates. Apparently, CEF can do this, based on this discussion: https://www.magpcss.org/ceforum/viewtopic.php?f=6&t=18927

Maybe add a toggle button in the toolbar?

[ttalvitie]

Yes, there probably should be support for this. I don't think a toggle button at the toolbar is good for this though; it takes a lot of space and attention given how rarely this is used, and there is a high risk of enabling it/leaving it on by accident. I would rather implement it the way most browsers do: making per-domain exceptions. First this would be implemented as a command line argument where you can list the domains; later I could consider adding a simple UI to the certificate error page where the user can click buttons to add an exception for the session. How does this sound?

[ttalvitie]

Now there is finally support for adding per-domain exceptions using the --certificate-check-exceptions command line option in Browservice v0.9.9.0.

[ajacocks]

Thanks @ttalvitie ! I'll test it out.