undefined | Better HN

0 points0l1y ago0 comments

Use HSTS, browsers are specifically designed not to let users bypass these.

0 comments

Hsts forces encryption, it has no impact on certificate invalidity, at least to my knowledge.

0lOP1y ago

Visit your .internal site -> website uses TLS cert signed by root CA that is preloaded on your device. Succeeds and HSTS flag is set.

Visit other .internal site -> uses TLS cert NOT signed by root CA that is preloaded on your device -> certificate error, and cannot be bypassed due to HSTS.

j / k navigate · click thread line to collapse

0 comments

hsbauauvhabzb1y ago

Hsts forces encryption, it has no impact on certificate invalidity, at least to my knowledge.

0lOP1y ago

Visit your .internal site -> website uses TLS cert signed by root CA that is preloaded on your device. Succeeds and HSTS flag is set.

Visit other .internal site -> uses TLS cert NOT signed by root CA that is preloaded on your device -> certificate error, and cannot be bypassed due to HSTS.

j / k navigate · click thread line to collapse