I can proceed if I add an exception. But I don't know if I want to add an exception.
Edit: Clock is automatically set via OSX. Not a problem with other sites.
Firefox says
tails.boum.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: sec_error_unknown_issuer)
Sooooo..... I need a root certificate of some sort then? See, this is what we get to contend with - I can't read this site because reasons. And it's up to me to find out what the reasons are I guess. Wait till this hits the masses when certs get revoked, expire, etc. :)
And you shouldn't - this page uses a valid certificate for me. Either your clock is set wrong, you're missing CAs or you're being MITM'd. Verify your time, check the certificate chain on the site (should be UserTrust -> Gandi -> site) and try to check fingerprints against https://www.grc.com/fingerprints.htm if you can.
Yeah.. That's suspicious.. Firefox uses it's own CA list, so if your install of firefox is up to date, and your system clock is correct then you are potentially being MITM'd...
If that is the case then your browser is exhibiting correct behavior.
For me, I can see that the root CA is USERTrust (SHA-384 sig, interestingly), and the server is presenting a valid intermediate (Gandi - also using a SHA-384 signature), then the site certificate (SHA-256 sig).
There is a secondary certification path though, coming from a old SHA1 AddTrust Root (but this is also in my trust store for Firefox).
Did you resolve this? Make sure the root that shows up on the certificate details page is UserTrust - if it's not, it's possible someone is performing MITM on you.
If that doesn't match the value you see in the Firefox or Chrome certificate details page, please, send as many details about the chain as you can back, I'm very interested to see what's happening here considering you're not on a corp network and seeing this and even moreso because this is the Tails site, something that might very much interest some attackers...
Edit: Clock is automatically set via OSX. Not a problem with other sites.
Firefox says
tails.boum.org uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: sec_error_unknown_issuer)
Sooooo..... I need a root certificate of some sort then? See, this is what we get to contend with - I can't read this site because reasons. And it's up to me to find out what the reasons are I guess. Wait till this hits the masses when certs get revoked, expire, etc. :)