Hey ya'll.
I recently aquired a Mac Mini G4 that I've been using for running classic MacOS 9.2.2 and have been enjoying the experience immensely.
As most of you know we have a fantastic browser available to us, Classilla, but browsing the modern web with Classilla has two major drawbacks:
1) The rendering side, where modern versions of CSS won't render correctly and Javascript code execution is slow and error prone due to the now ancient Javascript engine used.
2) The security side, where it's impossible to establish https connections to the vast majority of websites out there since TLS 1.0 is the latest encryption protocol Classilla supports and most sites choose not to support encryption protocols of that era.
Although I can't really help with the first class of problems, I do have a solution to the second one.
I'm able to connect to all https enabled websites using Classilla by setting up a proxy server (of sorts) on a Raspberry Pi I had laying around and routing all the web traffic from Classilla through the proxy.
For https sites the proxy server sets up a connection to the website with a modern encryption protocol (TLSv1.1+) and then establishes a legacy protocol connection (TLSv1) back to Classilla with a mirror of the upstream certificate, but signed by CA certificate the proxy server generates on first launch.
That CA certificate has to be imported into Classilla.
The proxy server I'm using is MITMproxy, running on Ubuntu 20.04 on Raspberry Pi 4.
Installation:root@ubuntu:~# apt install mitmproxyRunning:root@ubuntu:~# SECLEVEL=1 mitmproxy --showhost --set ssl_version_client=all --set ssl_version_server=secure --set upstream_cert=true --ssl-insecureNow that the proxy server is running, we need to import the CA certificate MITMproxy uses to sign certificates into Classilla. You can find the certificate in /root/.mitmproxy/mitmproxy-ca-cert.pem and you'll need to copy that to the Mac.
Then you open Classilla and select Edit → Preferences → Advanced → Certificates → Authorities → Import — and browse to the local directory that has a copy of mitmproxy-ca-cert.pem and import the certificate. A popup window should appear from Classilla where you need to select the checkbox for "Trust this CA to identify web sites" and then click on the OK button.
Once you've imported the CA certificate from MITMproxy you need to configure Classilla to route it's web traffic through the proxy server, the Classilla preference window should still be open from the last step so select Advanced → Proxies from the preference navigation panel and specify the IP address and port of the proxy server for both HTTP Proxy and SSL Proxy. MITMproxy uses port 8080 by default.
Finally, we'll restart Classilla and assuming you've configured everything correctly, you should now be able to connect to websites that are using modern encryption protocols without problems.
Full size screenshot:
https://i.imgur.com/ODg2RRW.jpeg