Tor Browser doesn't run on recent arch: Missing server TLS certificates
We've had two reports of users on 10.0.10 on Linux not being able to establish a secure connection to any web site. The url shows https, but "insecure". Clicking through, it looks as if there's no server certificate at all.
One user reported that switching to the alpha version of TBB resolved the issue.
The second user reported that it didn't.
The second user verified that the browser does correctly report invalid certificates, using badssl.com.
The second user was able to fix it with a clean profile. (Update: a clean profile on alpha. Still broken on 10.0.10)
15:40 < rany> Hi, I'm having an issue right now with Tor Browser reporting all HTTPS connections as insecure. This happened after the update to 10.0.10 15:43 < rany> screenshot: https://0x0.st/-HNT.png 16:47 < jnewsome> rany: what does it say if you click on the right-arrow next to "connection not secure"? 16:50 < rany> https://0x0.st/-Hqs.png 16:53 < jnewsome> strange. someone reported a similar problem yesterday; I think they ultimately worked around it by installing the alpha version of the tor browser 16:53 < rany> and https://0x0.st/-Hqz.png 16:53 < rany> hmm, well it's not bothering too much but i wanted to check if its intentional cuz i can't find anything in the change log 16:53 < jnewsome> thank you for the screenshots; I wasn't able to get detailed info from the reporter yesterday 16:54 < rany> so not all TB users have this issue? 16:54 < jnewsome> nope; I'm on the same version and not experiencing that problem 16:55 < jnewsome> is this linux? 16:55 < rany> yes 16:55 < jnewsome> I would be careful about using the browser in this state; you might not detect a man-in-the-middle attack 16:56 < rany> I'll try the alpha version of TB and check if that fixes it 16:56 < rany> yeah, good point 16:58 < rany> tor browser alpha doesn't fix it for me :/ 16:59 < jnewsome> I wonder if this could be an actual attack. Could you try requesting a few circuits and see if it works for any of them? 17:01 < rany> i've tried a ton of circuits and so far they all have the issue ... so probably unlikely 17:01 < rany> also bad SSL certificates still get detected fine ... just tried from badssl.com 17:02 < rany> so it seems like verification is working all right ... 17:25 < rany> though TB works fine with a clean profile 17:26 < rany> not sure why the update broke my old profile ... 17:36 < rany> nevermind, i just got the same issue even with a clean profile 17:36 < rany> /shrug 17:36 < rany> (but that's on stable TB )