Ssh error validating server certificate geology law dating
Instead, it will display an error message, similar to any other browser error (for example a "page not found" 404 message).
To get past this error page, users have to go through four different steps before they can access the Web site, which from a usability standpoint is far from ideal." The error occurs because Mozilla has decided to take SSL/TLS Web page security to the next level, challenging any certificate that isn't in the Web browser's certificate database, has incorrect information, or is expired.
But what's the point of using a certificate if we may use the same public key on all servers in domain, and simply put that public key into client's known_hosts file?
The server sends its public key to the client, the client checks known_hosts file, does not find the server's public key there and hence the server now needs to prove its identity to the client.
Identity is successfully proven (by using server's private key), but suppose that the client does not store the server's public key in the known_hosts after that (it is not mandatory to store it in the known_hosts, as far as I know).
After that the public key is used as in normal key based authentication, i.e.
the server has to demonstrate that it owns the private key for the public key.