Off-Topic :
K-Meleon Web Browser Forum
Over at the Proxomitron forum this information was posted by amy dealing with:
Adapting proxo 4.5 to the latest OpenSSL DLLs
She posted this ...
"Also, if you're looking for a certs.pem you can use the cacert.pem from http://curl.haxx.se/docs/caextract.html (you'll have to rename it to certs.pem for Proxomitron to load it), this is the same set of certificates that Firefox has."
CA certificates extracted from Mozilla
Related: SSL Certs
The Mozilla CA certificate store in PEM format (around 250KB uncompressed):
cacert.pem
This bundle was generated at Wed Sep 20 2017 GMT.
https://curl.haxx.se/docs/caextract.html
Don't know if this would be of any use to anyone here for updated certs. The last download is dated Sept 20, 2017.
...
Edited 1 time(s). Last edit at 12/24/2017 03:26PM by callahan.
Thanks for posting such general tips. Appreciate it, the only prob is lacking skills and time to learn and implement it, sigh.
But missing CERTs are meanwhile becoming the biggest prob on KM1.6, a real pest! On perfectly harmless public sites too. So for at least a quick look and perhaps download, I clicked your two links above.
Result - all to well known by now...
har har :cool:
Thanks ... yes, I also don't understand all the "inner workings" of almost everything but I pick this up 'here and there' and sometimes can make use of it.
Quote:
An error occurred during a connection to curl.haxx.se [+other link too]
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)
I didn't run into that issue when going to that website. I'm using the latest KM 76 update by roytam1 (12-23-2017) and the web page opens OK as any normal page.
I just wondered if those updated certs from Sept would be of use to anyone working on a project of their own. At least they can bookmark the page for future need.
callahan
Thanks Again Callahan !!
That site opened fine in KM for me, but I do not know what I'd do with the offered certs...perhaps someone who knows lots about this will post here and clue us all in ?!?
Best Wishes to All !!
Have zero clue about certificates, so not sure if that's what you need, but in KM a Cert-manager is found here:
Tools > Privacy > View Data > View Certificates
Quite well hidden ;-)
And it's not just for viewing, one can also import them too and lots other actions.
Thanks for the KM information about where the certs are in K-Meleon. I was interested in seeing if I can update the certs in an older version of KM.
KM 1.8.24.22 by adodupan I still use sometimes and I figure those certs are very old by now. I have no idea if I can update those certs or if that certs download would even work in KM 1.8.
I was just going to experiment and see what happens. That was one idea I had ... others may have other ideas.
...
Sounds interesting for me too. Perhaps there's a tiny chance to also import them in KM1.6...
Just curious, why still 1.8 (KM74 sibling)? Special features or something...?
I always liked the KM 1.8 version. It was light and very fast ... I guess it was pre KM 74 or a test version of KM 74.
It wasn't widely talked about as I remember but I moved from KM 1.6 to KM 1.8 and just got to like it.
Someone here may be able to help with infoemation about updating the certs in KM 1.6 and KM 1.8 ... it would sure be nice if that certs download can work to that end.
I don't use KM 1.8 as much since roytam1 came and started working with KM 76 ... I really like the current version and mostly use it for everything. The certs seem to be updated in the roytam1 version ... gets a good test result at the SSL web site.
The older version of KM 76 Pro had some issues that do not show up in the version by roytam1.
...
Bwah-ah-ah !!
If this info can be pinned down somehow & fixes SSL problems in older browsers...
PocketKM will get LOTS more use here !!!
'Tis the lightest, fastest browser that I still have & I miss using it daily.
Came across callahans posting from last may, concerning certificates, some tool from the MSFN forum. All still over my head, but would like to link it here in this special CERT thread, just so it can be found easier.
Long post, continue here:
http://kmeleonbrowser.org/forum/read.php?1,141855,141862#msg-141862
siria ... I remembered that I had posted some certs information earlier but I could not remember when or where.
Heinoganda's certificate tool is still there and working. I use it for IE8 and my WinXP setup ... but it doesn't help with K-Meleon at all. I think I am correct in saying that.
I asked heinoganda over at the MSFN forum some time back ... if a person really needs these certificate updates if they no longer use Internet Explorer 8 with WinXP as a browser. At the time all I was using was was KM 1.8 and KM 75 and also Pale Moon (last XP version).
He replied that updated certs should still be downloaded or applied. They may be needed by other items or programs ... if I understood correctly. I continue to update with his update tool.
I think New Moon is currently updated by roytam1 but not sure about his KM version ... it may be.
SSL Test Page
https://www.ssllabs.com/ssltest/viewMyClient.html#1514542800184&frame_loaded
When I go to the SSL Test Page ... I get a better reading than I did with KM76 Pro. With roytam1's version, I get this newer reading.
"TLS 1.3 Yes"
Your user agent has good protocol support.
Your user agent supports TLS 1.2, which is recommended protocol version at the moment.
Experimental: Your user agent supports TLS 1.3.
Protocol Features
Protocols:
TLS 1.3 Yes
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3 No
SSL 2 No
... with Pale Moon and KM76 Pro the TLS 1.3 was always 'No'. I really know very little about all this but it seems to me a "Yes" is better than a "No".
Someone else can explain everything better.
callahan
Edited 1 time(s). Last edit at 12/29/2017 10:30AM by callahan.
All which isn't K-Meleon related.
CA Certificates Extracted from Mozilla
Posted by:
callahan
Date: December 24, 2017 03:25PM
Over at the Proxomitron forum this information was posted by amy dealing with:
Adapting proxo 4.5 to the latest OpenSSL DLLs
She posted this ...
"Also, if you're looking for a certs.pem you can use the cacert.pem from http://curl.haxx.se/docs/caextract.html (you'll have to rename it to certs.pem for Proxomitron to load it), this is the same set of certificates that Firefox has."
CA certificates extracted from Mozilla
Related: SSL Certs
The Mozilla CA certificate store in PEM format (around 250KB uncompressed):
cacert.pem
This bundle was generated at Wed Sep 20 2017 GMT.
https://curl.haxx.se/docs/caextract.html
Don't know if this would be of any use to anyone here for updated certs. The last download is dated Sept 20, 2017.
...
Edited 1 time(s). Last edit at 12/24/2017 03:26PM by callahan.
Re: CA Certificates Extracted from Mozilla
Posted by:
siria
Date: December 24, 2017 03:36PM
Thanks for posting such general tips. Appreciate it, the only prob is lacking skills and time to learn and implement it, sigh.
But missing CERTs are meanwhile becoming the biggest prob on KM1.6, a real pest! On perfectly harmless public sites too. So for at least a quick look and perhaps download, I clicked your two links above.
Result - all to well known by now...
Quote
An error occurred during a connection to curl.haxx.se [+other link too]
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)
har har :cool:
Re: CA Certificates Extracted from Mozilla
Posted by:
callahan
Date: December 24, 2017 05:08PM
Thanks ... yes, I also don't understand all the "inner workings" of almost everything but I pick this up 'here and there' and sometimes can make use of it.
Quote:
An error occurred during a connection to curl.haxx.se [+other link too]
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)
I didn't run into that issue when going to that website. I'm using the latest KM 76 update by roytam1 (12-23-2017) and the web page opens OK as any normal page.
I just wondered if those updated certs from Sept would be of use to anyone working on a project of their own. At least they can bookmark the page for future need.
callahan
Re: CA Certificates Extracted from Mozilla
Posted by:
smallhagrid
Date: December 24, 2017 09:48PM
Thanks Again Callahan !!
That site opened fine in KM for me, but I do not know what I'd do with the offered certs...perhaps someone who knows lots about this will post here and clue us all in ?!?
Best Wishes to All !!
Re: CA Certificates Extracted from Mozilla
Posted by:
siria
Date: December 24, 2017 11:14PM
Have zero clue about certificates, so not sure if that's what you need, but in KM a Cert-manager is found here:
Tools > Privacy > View Data > View Certificates
Quite well hidden ;-)
And it's not just for viewing, one can also import them too and lots other actions.
Re: CA Certificates Extracted from Mozilla
Posted by:
callahan
Date: December 24, 2017 11:45PM
Thanks for the KM information about where the certs are in K-Meleon. I was interested in seeing if I can update the certs in an older version of KM.
KM 1.8.24.22 by adodupan I still use sometimes and I figure those certs are very old by now. I have no idea if I can update those certs or if that certs download would even work in KM 1.8.
I was just going to experiment and see what happens. That was one idea I had ... others may have other ideas.
...
Re: CA Certificates Extracted from Mozilla
Posted by:
siria
Date: December 24, 2017 11:55PM
Sounds interesting for me too. Perhaps there's a tiny chance to also import them in KM1.6...
Just curious, why still 1.8 (KM74 sibling)? Special features or something...?
Re: CA Certificates Extracted from Mozilla
Posted by:
callahan
Date: December 25, 2017 12:25AM
I always liked the KM 1.8 version. It was light and very fast ... I guess it was pre KM 74 or a test version of KM 74.
It wasn't widely talked about as I remember but I moved from KM 1.6 to KM 1.8 and just got to like it.
Someone here may be able to help with infoemation about updating the certs in KM 1.6 and KM 1.8 ... it would sure be nice if that certs download can work to that end.
I don't use KM 1.8 as much since roytam1 came and started working with KM 76 ... I really like the current version and mostly use it for everything. The certs seem to be updated in the roytam1 version ... gets a good test result at the SSL web site.
The older version of KM 76 Pro had some issues that do not show up in the version by roytam1.
...
Re: CA Certificates Extracted from Mozilla
Posted by:
smallhagrid
Date: December 25, 2017 09:05PM
Bwah-ah-ah !!
If this info can be pinned down somehow & fixes SSL problems in older browsers...
PocketKM will get LOTS more use here !!!
'Tis the lightest, fastest browser that I still have & I miss using it daily.
Re: Certificates
Posted by:
siria
Date: December 28, 2017 06:35PM
Came across callahans posting from last may, concerning certificates, some tool from the MSFN forum. All still over my head, but would like to link it here in this special CERT thread, just so it can be found easier.
Quote
callahan
Yes, I was going to mention that tool to update certificates. I use it and it's very good. I will go into some detail here about it. It was developed by heinoganda, who is a sharp, knowledgeable contributor there for WinXP.
(...)
Long post, continue here:
http://kmeleonbrowser.org/forum/read.php?1,141855,141862#msg-141862
Re: Certificates
Posted by:
callahan
Date: December 29, 2017 10:28AM
siria ... I remembered that I had posted some certs information earlier but I could not remember when or where.
Heinoganda's certificate tool is still there and working. I use it for IE8 and my WinXP setup ... but it doesn't help with K-Meleon at all. I think I am correct in saying that.
I asked heinoganda over at the MSFN forum some time back ... if a person really needs these certificate updates if they no longer use Internet Explorer 8 with WinXP as a browser. At the time all I was using was was KM 1.8 and KM 75 and also Pale Moon (last XP version).
He replied that updated certs should still be downloaded or applied. They may be needed by other items or programs ... if I understood correctly. I continue to update with his update tool.
I think New Moon is currently updated by roytam1 but not sure about his KM version ... it may be.
SSL Test Page
https://www.ssllabs.com/ssltest/viewMyClient.html#1514542800184&frame_loaded
When I go to the SSL Test Page ... I get a better reading than I did with KM76 Pro. With roytam1's version, I get this newer reading.
"TLS 1.3 Yes"
Your user agent has good protocol support.
Your user agent supports TLS 1.2, which is recommended protocol version at the moment.
Experimental: Your user agent supports TLS 1.3.
Protocol Features
Protocols:
TLS 1.3 Yes
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3 No
SSL 2 No
... with Pale Moon and KM76 Pro the TLS 1.3 was always 'No'. I really know very little about all this but it seems to me a "Yes" is better than a "No".
Someone else can explain everything better.
callahan
Edited 1 time(s). Last edit at 12/29/2017 10:30AM by callahan.
English