Ignoring the obvious joke of asking whether you can vs. whether you should...

If you go to about:config and filter by security.ssl you will find many settings which need changing to bypass very useful security features to reach your goal.

Seriously though, I wouldn't browse the web with XP in 2019, you may not care if it becomes infected/compromised but anything it shares a network with is then at risk too and if you can flash firmware, attackers can too. You don't need to visit a shady site, drive by attacks are served up by adverts in unexpected places. If you must use XP for browsing, do it with uBlock Origin or uMatrix as at least a filter when letting the wild west into your home.

If you don't want to spend $50 on a more recent device then a minimal Linux install would be far more secure for your trusty old museum piece.

Thank you, but i try to stay online with this computer until i am forced into a retirement-home = the year 2050 a.D. (at least!). If i have to be on the safe side, i'm using my Android-mobile instead.

Edit: My original request was a bit vague, sorry for this. I modified the 1st entry.

Anybody can make a self-signed certificate, getting one that is signed by a trusted authority that is recognised by most browsers takes a lot more work (requiring identity verification and such).

Old browsers won't be able to support the newest encryption modes/key exchange algorithms enforced by some sites so blindly accepting certificates as valid won't help much.

Thank you, but... I do'nt want to create a cert, i want to get rid of them. Encryption = ssl/tsl is not the point. Even IE8 can decrypt https. My concern is to make a usable browser want to do so without asking me all the time for confirmations...

Edit: My original request was a bit vague, sorry for this. I modified the 1st entry.

In case somebody wants to know: On

https://github.com/JustOff/ca-archive/releases

you will find an 44MB .xpi archive containing a clean catalogue incl. direct install-links to thousands of outdated-Firefox extensions. I found a superb add-on for my needs at the first push.

what you want is ssl stripping proxy
https://www.youtube.com/watch?v=MFol6IMbZ7Y
servers nowadays not only require ssl, but also force new crypto not available in old browsers, not that I would encourage you to use outdated browsers in any shape or form (you are one bad link from remote exploit and having your old system loaded up with malware/cryptolockers)

@rasz_pl: 1st time i hear about ssl stripping. Thank you for teaching me something new! But far too heavy for my, i'm only an ambitious surfer, so i shall keep my hands off. I just tried the FF-addon "Skip cert error 0.4" which auto-checks all the "make an exception?" buttons when a https-site offers an invalid cert. Works fine, that will do for now. The addon is from the above mentioned .xpi collection, really great for every FF-user who can't find anymore working extensions, access to *all* .xpi that were on mozilla from 2004 to 2018, highly recommended!

installing random extensions from random collections is another great way to get your system full of viruses, not to mention stolen credentials

Thank you, but i do'nt care at all for viruses. This board is about running old software on old computers, and XP+Firefox on a 13yo laptop meets this premise. If any non-security-freak knows an answer to my original question, i'd still be glad for any adequate response. In between something positive: I would like to recommend https://github.com/Feodor2/Mypal/releases as a superb, stable, ad-free open-source browser for any XP (even Win2003) user. This adadpted Firefox was last updated on 2019.05.20, it works perfect with uBlock https://github.com/gorhill/uBlock/releases/ta … egacy-1.16.4.10 and a number of pre-web-extensions you find in the mentioned mozilla-catalogue or on http://www.palemoon.org/.

Have a nice day!

This might be useful programs for XP users https://retrosystemsrevival.blogspot.com/sear … el/Windows%20XP
includes a compatible Chrome.

I use Slimjet (Chromium based) myself, but the 10.0.13.0 XP build does run into SSL cipher compatibility issues on some websites.