0

If you browse to biji.co/ads.txt manually via Chrome/Edge it works. In Firefox though it fails: Firefox fails

Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for biji.co. The certificate is only valid for www.biji.co.

Error code: SSL_ERROR_BAD_CERT_DOMAIN

Unable to communicate securely with peer: requested domain name does not match the server’s certificate.

HTTP Strict Transport Security: false

HTTP Public Key Pinning: false

When checking its headers through online header checkers they get errors too confirming the webpage is supposed to be inaccessible.

http://www.rexswain.com/cgi-bin/httpview.pl

SSL issue

https://network-tools.com/http-headers/

SSL issue

So how come Chrome/Edge don't alert about it and just accept this broken certificate?

Improve this question
5
  • Safari warns me about both links. I don’t understand your question
    – Ramhound
    Commented Nov 25, 2020 at 13:07
  • I've added a clarification that Chrome/Edge let you enter the link while other browsers don't. So the question is why do Chrome/Edge do so?
    – LWC
    Commented Nov 25, 2020 at 13:09
  • Chrome and Edge gives me a notification that the certificate isn’t valid. Are you sure you haven’t previously trusted the certificate in the past? The certificate generated a warning on every browser I have tried
    – Ramhound
    Commented Nov 25, 2020 at 13:30
  • Pretty sure, it doesn't exist in the list of Chrome's certificates: i.sstatic.net/4IDC9.png - plus I used InCognito, different profile and Guest mode.
    – LWC
    Commented Nov 25, 2020 at 13:48
  • Chrome and Edge use the certificate store of the OS. Firefox doesn’t.
    – Ramhound
    Commented Nov 25, 2020 at 13:56

0

Reset to default

You must log in to answer this question.