#6721 closed defect (fixed)
How to permanently solve the certificate issue when logging on to JOSM site
| Reported by: | D4RK-L3G10N | Owned by: | stoecker |
|---|---|---|---|
| Priority: | normal | Component: | Trac |
| Version: | Keywords: | certificate invalid permanent login | |
| Cc: |
Description (last modified by stoecker)
Some of you might have had the same problem as me, so I'll write a little bit about this issue and show how to somehow solve it.
Brief explanation
The certificate of JOSM's site is invalid because it's self signed. This means that the certificate is good, but it hasn't been acknowledged by any of the certification authorities currently present in the world. To do so, JOSM would have to pay a fee to get a certificate signed by any of those authorities, but since JOSM is a free association of volunteers, no money is available to pay for a valid certificate. So the certificate has been signed by themselves, which is already a form of validation, since the JOSM people are very trustworthy, or better, it has been self signed.
Presentation of the issue
If you're using Firefox 6.0, you will most likely see the screen below when you attempt to log on to JOSM. This happens because to log on you will have to use a secure http connection (https) and to do so you need a certificate.
How to solve the issue
To log in, you will have to add the certificate to your certificate exception list. In order to do so, click on 'I understand the Risks' and then on 'Add Exception...'. A new window will pop-up (as below). On that screen, confirm the link highlighted is https://josm.openstreetmap.de/, check the 'Permanently store this exception' box and clicking 'Confirm Security Exception...' button. If you were able to check the box, that's all that takes to solve this issue and not get this error message again. If not, see below for further instructions.
What if the Permanently store this exception box isn't clickable?
In that case, close all dialog boxes and open Tools -> Options on your Firefox upper bar. The options box will open. Click on the Advanced tab, then on the 'View Certificates' button, as shown on the screenshot below.
A new screen called 'Certificate Manager' will open, as shown below. Click on the Servers tab, then on the 'Add Exception...' button.
The screen below will open. On the Location: box, please type in 'https://josm.openstreetmap.de/', then click on the button next to it, 'Get Certificate'. You will notice that this time he will fetch the certificate correctly and the 'Permanently store this exception' box will be clickable. Check the box and click on the 'Confirm Security Exception...' button.
The dialog box shall close and the former screen will indicate that the JOSM certificate is now in the server certificate list, as shown highlighted on the screen below.
Close all windows, refresh your browser and try to log on. It should now work perfectly, without any warnings.
In case you want to be absolutely certain that the certificate you fetched is really the legit one, verify that the certificate's SHA1 fingerprint is 26:8B:4D:CB:AD:04:E7:50:EC:94:F8:34:83:CE:7C:06:8D:FD:61:3D. It very likely is.
Attachments (6)
Change History (11)
Changed 21 months ago by D4RK-L3G10N
comment:1 Changed 21 months ago by D4RK-L3G10N
- Description modified (diff)
- Resolution set to fixed
- Status changed from new to closed
comment:2 Changed 21 months ago by stoecker
Copied that text to ServerCertificate.
comment:3 Changed 21 months ago by stoecker
From one of your submit comments: "revision=1 to revision=22 what is the easiest way to see the rev number of the en page?"
Simply use "revision=0" and press "Preview". Then you see the revision of base document :-)
comment:4 Changed 18 months ago by stoecker
- Description modified (diff)
Hmm, screen6 image is missing also at ServerCertificate.
comment:5 Changed 3 months ago by anonymous
Ticket #8436 has been marked as a duplicate of this ticket.
Screen 1