Where to get root SSL certificates for Opera 12.17?

5

1

Approximately six months ago several web sites began to lose their styles gradually and finally some of them entirely stopped working in Opera although they work in other browsers. All this seemed to look like conspiracy against Opera-Presto.

Today I realized what the problem is: all of the failing sites are using HTTPS to retrieve their CSS and JavaScript Files, and it seems that some of important certificates have expired.

Opera complains in Dragonfly:

No request made. All data was retrieved from cache without accessing the network.

As the certificates aren't updated automatically, I need to import them manually. But where to download up-to-date root certificates from?

It accepts:

  • crt
  • usr (x509)
  • p7s (pkcs 7 signed)
  • p7 (pkcs 7)
  • p12 (pkcs #12 with security key)
  • pem

Update - the real solution

In reality it wasn't anything wrong with Opera and it's certificates storage! The real bad guy was the Eset NOD 32 antivirus, which messed in some way with SSL connections, although it shouldn't. I understood it when almost all SSL web sites stopped working in any browser except Tor Browser. Turning NOD32 off didn't solve problem. I had to remove it completely and install it again.

What to do with an answer? Let it be here!

Paul

Posted 2015-09-21T16:31:59.480

Reputation: 579

How do I know which certificate exactly is the issue and should be renewed? – nixda – 2015-10-06T22:37:44.260

Wouldn't it be simpler and safer to upgrade to the latest Opera version? – harrymc – 2015-10-07T17:57:39.727

@nixda you should get notifications for them, I added the info for that in the answer below. To access the certificates section and settings for them, you go to the Manage certificates.section; through the Tools -> Preferences menu -> Advanced area. – xCare – 2015-10-08T12:38:31.223

Answers

4

According to Opera, Opera used to run its own root store but it ceased doing that in 2013. Details below:

Opera Software used to run its own root store program, but as of fall 2013, it no longer does so. Opera Software continues to take an active part in work to standardize the processes that safeguard the integrity and credibility of security certificates.

Newer versions of Opera (14 and higher) use the root store provided by the operating system and the list of EV-enabled roots maintained by Google. Older versions of Opera (versions 9.5 through 12) use Opera's online root store. Until fall 2013, the online solution was built on Opera's root store program, but after that it is based on NSS by Mozilla.

To get certificates to be accepted by Opera, roots should be part of the above-mentioned root store programs.

Below are a couple of certificate sites where you can download root certificates:

  1. Digicert

  2. Geotrust

There are instructions here, here and here to install a root certificate after downloading it.

Opera provides notifications for the certificates needed through screens like "Invalid Certificate" "Certificate has expired"... so forth. If it does this too many times, it's a bug and you can try turning off the notifications like they say here.

Though I haven't used it, there is even a blog with the script to search list certificates supported by Opera.

xCare

Posted 2015-09-21T16:31:59.480

Reputation: 739

@paul Have you checked it? I'm curious if I could award the bounty – nixda – 2015-10-12T11:56:12.573

Asked: 2015-09-21T16:31:59.480

Viewed: 2 062 times

Active: 2016-03-31T07:17:45.517