Cannot use RSS for a site with their own SSL Root certificate. I whitelist the specific site on my computer.

Elliott_Rezny · June 23, 2016, 1:30pm

Cannot use RSS for a site with their own SSL Root certificate. I whitelist the specific site on my computer. At https://www.iad.gov/iad/news/index.cfm?xml=IAD%20News,simple

When I try to add the feed to Newsblur the error message by the “add site” button says “This address does not point to an RSS feed or a website with an RSS feed.”

RethorykeEpicaridan · June 24, 2016, 11:09pm

I’d say that’s working as expected. They’re redirecting from HTTP →HTTPS, but can’t (won’t?) get their act together and use HTTPS properly.

Trusting that cert seems like a good way to get owned by a rando.

https://www.ssl.com/blogs/encrypt-as-we-say-not-as-we-do-the-nsa-and-sha-1-certs/

Elliott_Rezny · June 30, 2016, 5:51pm

That particular website has a strong reason to use it’s own CA, It’s responsible for disseminating information on security advisories for the NSA. I wouldn’t import the root CA, that would give the NSA snooping abilities on any site. But accepting the site’s cert for that one site is the only way to keep a possibly compromised widely trusted CA from pwning the iad.

Your ssl.com article is outdated. https://www.sslshopper.com/ssl-checker.html#hostname=www.iad.gov