SSL cert error, has no option for "Proceed anyway"

[AutonomousCat]

How to reproduce: Visit progressive.com with HTTPS ~~Everywhere~~ Only mode on

[AutonomousCat]

Adding that I know it's only related to Mullvad Browser because I use LibreWolf (also with HTTPS Everywhere mode on) when something isn't working right in Mullvad Browser.

[Thorin-Oakenpants]

on windows I can accept (also same result in MB13 alpha)

[Thorin-Oakenpants]

TB, FWIW (I guess they're blocking tor), but that's no to say the same underlying cert issue isn't present in both

[PieroV]

@AutonomousCat the mode is HTTPS Only. Do you have some version of HTTPS Everywhere installed, perhaps?

We have at least two problems here:

1. Server side: their webserver is configured to use something not supported by older versions of Firefox
2. Client side: you're seeing this host as HSTS. When this happens, the proceed anyway is hidden.

Regarding 1, please check also this screenshot:

Mullvad Browser is missing the CA. The same happens with Firefox 115.2.1 ESR.

But for number 2, I don't have a clue. I wonder if they removed the HSTS header after people telling them they had problems.

[ruihildt]

@AutonomousCat Can you confirm you're talking about HTTPS-Only and not HTTPS Everywhere?

I just checked with Mullvad Browser 12.5.6 and 13.0a6, and I could proceed in both cases.

[AutonomousCat]

@ruihildt Sorry for the late reply, I just re-remembered this issue when I went to Progressive's site today. Couldn't and had to open LibreWolf. It's indeed HTTPS Only. I'm not using another HTTPS extension

[ruihildt]

@AutonomousCat Just revisited this issue, and it seems to be working now.

Can you confirm on your end?