Current time: 09-22-2019, 07:23 AM Hello There, Guest! (LoginRegister)

Post Reply 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Browser settings to test https pages
11-13-2014, 06:58 AM (This post was last modified: 11-13-2014 07:45 AM by jbr.)
Post: #1
Browser settings to test https pages
We have installed a Private Instance

However, on some, not all, of the https pages we are getting…

Chrome - Private error
Firefox - Untrusted connection

But on webpagetest.org we do not get those messages on the same pages. I assume it is browser settings related. Are there recommended browser settings for the test agent browsers?

Thanks
Find all posts by this user
Quote this message in a reply
11-14-2014, 05:33 AM
Post: #2
RE: Browser settings to test https pages
Are you sure that your local network doesn't have a transparent proxy that is being run by the security team? If so it's going to screw with performance but you can get around it by installing the appropriate certificates on your test agents.
Visit this user's website Find all posts by this user
Quote this message in a reply
11-14-2014, 06:37 AM
Post: #3
RE: Browser settings to test https pages
(11-14-2014 05:33 AM)pmeenan Wrote:  Are you sure that your local network doesn't have a transparent proxy that is being run by the security team? If so it's going to screw with performance but you can get around it by installing the appropriate certificates on your test agents.

It does not have a proxy of any kind.

webpagetest.org accesses it fine and returns normal looking test results.
Find all posts by this user
Quote this message in a reply
11-15-2014, 01:36 AM
Post: #4
RE: Browser settings to test https pages
What you are describing is what you will usually see if the server is presenting an invalid SSL certificate and it's not a config difference with the test agents and the public ones. Does it affect all sites you test or just your site?

If you check the box to ignore certificate errors when running the test does it work?

The most common reasons I've seen something like that are:

1 - If it is only your site having issues, accessing your site from your internal LAN may be going directly to a server, a staging server or some server that is not the same endpoint that external traffic goes through and it isn't configured with the production certs.

2 - There is a transparent proxy on the LAN->Internet egress that the security team uses to filter web access and for SSL traffic it uses self-signed certs and relies on the client machines to have the root cert installed (common in large corporations and schools).

It could be something else but those are by far the most common reasons it happens.
Visit this user's website Find all posts by this user
Quote this message in a reply
11-15-2014, 02:01 AM (This post was last modified: 11-15-2014 02:24 AM by jbr.)
Post: #5
RE: Browser settings to test https pages
(11-15-2014 01:36 AM)pmeenan Wrote:  If you check the box to ignore certificate errors when running the test does it work?

We had not done that. It works now.

We will educate ourselves on the Advanced Settings.

Thanks for your time

When we do "Visual Comparison" we are not able to choose any "Advanced Settings"

Is there some way to save "Ignore SSL Certificate Errors" for all tests?

Including "Visual Comparison"?

When we do "Visual Comparison" we are not able to choose any "Advanced Settings"

Is there some way to save "Ignore SSL Certificate Errors" for all tests?

Including "Visual Comparison"?
[/quote]
Find all posts by this user
Quote this message in a reply
11-18-2014, 06:19 AM
Post: #6
RE: Browser settings to test https pages
"Visual Comparison" is just a shortcut for creating a comparison. You can create comparisons of any arbitrary tests:

1 - Run each test individually with video capture enabled (and any other settings)
2 - Go to test history
3 - Select the tests you want to compare
4 - Hit the compare button

There isn't any setting to permanently disable cert warnings (feel free to file an issue on github). That said, it's not reallly the right way to fix it. Something in your path is still serving bogus certificates.
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)