Comment 37 for bug 334191

There's a lot of wonkiness in Konqueror 4.2.0's SSL support. For example, I'm hitting this page via https, and I didn't get any warnings about invalid certificates, but when I go in and check the certificate (by clicking on the little green shield in the top right), it says that the SSL certificate for *.kde.org doesn't apply to this domain (bugs.kde.org), which is obviously incorrect.

It's not just an issue with wildcard SSL certificates as I initially thought, either. I went to https://www.verisign.com, and the dialog says the same thing (again with no warning), but their certificate is for www.verisign.com, no wildcard.

Furthermore, I hit https://localhost/ (which has an expired and self signed SSL certificate), for which I get a warning, but then after clicking through the warning, I have no indication at all that I'm viewing a site with an invalid SSL certificate (the green shield is the same as before, etc).

Which leads me to notice that there's barely any indication of whether or not SSL is in use for the current site. There's the tiny green shield in the top right, and there's an s at the end of http, but that's it. There's no padlock (locked or otherwise) anywhere and there's no yellow background on the URL bar, both of which Konqueror 3.5.x did.