If you hit the secure link in Firefox directly, do you get a certificate error?

https://www.google.com/

Does it give the same explanation as Chrome or a different one (you may need to click an Advanced button on the error page to see the details).

AVG has some browser filtering features called LinkScanner Surf-Shield and Online Shield. One or both of these may be intercepting your Google requests. In order to decrypt secure requests, AVG needs to give your browsers a fake certificate and naturally Firefox objects.

Could you try disabling these specific features as a test: https://support.avg.com/SupportArticleView?l=en_US&urlName=How-to-disable-individual-AVG-components

As a data point, the solution in this old threat was to reboot the router: Invalid URL The requested URL "/", is invalid. Reference #9.a2fc54b8.1345130184.5cbbba6.

On a different forum, it was suggested to try using a different DNS service provider (e.g., OpenDNS or Google Public DNS) if it affects multiple sites, since it may indicate a name resolution problem at your current DNS provider.

As I mentioned in my original post, I had disabled AVG protection and tried to connect to Google with the same result. Nonetheless, I did try disabling the individual components as you suggested, with the same Invalid URL result.

I don't believe that the problem is related to DNS. Initially, the NIC adapter settings used automatic DNS obtained from the router. This is true of all of the other computers on the network, none of which have this problem. I did, however, change the DNS settings to use specific values. The Invalid URL problem continued. In fact, I pinged www.google.com and copied the displayed IP address into the address field in Firefox - bypassing DNS altogether - and get the same result.

If I try https://www.google.com, I get:

"Your connection is not secure. The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site used HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate."

If I click the Advanced button, I see:

"www.google.com uses an invalid security certificate.

The certificate is only valid for the following names: cl2.apple.com, cl3.apple.com, cl4.apple.com, cl5.apple.com, cl1.apple.com

(Error code: ssl_error_bad_cert_domain)"

I'm not sure why apple.com is involved???

Thanks for your reply, but I'm still stuck.

have you tried disabling the webbrowsing protection modules in avast like described in jscher2000's link?

in addition you might want to run a scan for malware with two other security tools:

• https://toolslib.net/downloads/viewdownload/1-adwcleaner/
• https://www.malwarebytes.org/antimalware/

I ran the ADWCleaner program. After the Scan, it did not show any files or folders or other things that had been found, but I went ahead and ran the Cleaning function nonetheless. Rebooted. The Invalid URL problem remains. I had run MalwareBytes before but ran it again from your AntiMalware link, rebooted, problem is still there.

I should mention that late yesterday I received the same Invalid URL message on my iPad (4) but today I can get to www.google.com on the iPad with no problem. iPhone and Android Samsung S4, Windows XP desktop and two Windows 7 systems all access www.google.com with no problem. It is only this Windows 10 system where the problem exists currently.

k14abmul said

If I click the Advanced button, I see:

"www.google.com uses an invalid security certificate.

The certificate is only valid for the following names: cl2.apple.com, cl3.apple.com, cl4.apple.com, cl5.apple.com, cl1.apple.com

(Error code: ssl_error_bad_cert_domain)"

I'm not sure why apple.com is involved???

That's an excellent question. Does your connection from Windows 10 run through any kind of Apple device?

I notice your router supports VPN connections. Could use or non-use of VPN be a difference among your devices?

You can remove all data stored in Firefox from a specific domain via "Forget About This Site" in the right-click context menu of an history entry ("History > Show All History" or "View > Sidebar > History") or via the about:permissions page.

Using "Forget About This Site" will remove all data stored in Firefox from that domain like bookmarks, cookies, passwords, cache, history, and exceptions, so be cautious. If you have a password or other data from that domain that you do not want to lose then make sure to backup this data or make a note.

You can't recover from this 'forget' unless you have a backup of the involved files.

If you revisit a 'forgotten' website then data from that website will be saved once again.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

• click "Advanced" to expand the error message
• click "Add Exception" to open "Add Security Exception"

If this isn't possible then open "Add Security Exception" by pasting this URL in the location/address bar and paste the URL of the website (https://xxx.xxx) in it's location field.

• chrome://pippki/content/exceptionDialog.xul

Let Firefox retrieve the certificate -> "Get Certificate"

• click the "View" button and inspect the certificate
  check who is the issuer of the certificate

You can see details like intermediate certificates that are used in the Detail tab.

Who is the issuer of the certificate?

I did as you suggested and ran the exceptionDialog.xul and viewed the certificate. I am including several screen captures of what I saw in the view and, below, show all of the field values from the scrolling window within the View screen. If you copy this text and paste it into a larger window (e.g. Notepad) where it might retain the formatting, it might be easier to make sense of.

Again, much of it reflects Symantec and Apple, which is puzzling.

Certificate View Detail Values

cl1.apple.com

Certificate
 Version            Version 3
 Serial Number          27:F5:26:A6:E6:E9:08:BB:B3:92:EA:D8:3D:DB:85:17
 Certificate Signature Algorithm      PKCS #1 SHA-256 With RSA Encryption
 Issuer            CN = Symantec Class 3 EV SSL CA - G3
              OU = Symantec Trust Network
              O = Symantec Corporation
              C = US
 Validity
  Not Before          Monday, February 8, 2016 7:00:00 PM
              (Tuesday, February 9, 2016 12:00:00 AM GMT)
  Not After          Wednesday, April 25, 2018 7:59:59 PM
              (Wednesday, April 25, 2018 11:59:59 PM GMT)
 Subject            CN = cl1.apple.com
              OU = Internet Services for Akamai
              O = Apple Inc.
              Object Identifier (2 5 4 9) = 1 Infinite Loop
              L = Cupertino
              ST = California
              Object Identifier (2 5 4 17) = 95014
              C = US
              Object Identifier (2 5 4 5) = C0806592
              Object Identifier (2 5 4 15) = Private Organization
              Object Identifier (1 3 6 1 4 1 311 60 2 1 2) = California
              Object Identifier (1 3 6 1 4 1 311 60 2 1 3) = US
 Subject Public Key Info
  Subject Public Key Algorithm     PKCS #1 RSA Encryption
  Subject's Public Key       Modulus (2048 bits):
              e4 9f 29 bb 5c 6d 4e b4 01 bb 2a 4a f6 1c 2c 7a 
              f1 6e 2c fc 4e 64 58 35 48 be 03 09 43 be 9e 48 
              cf 28 66 38 4e 31 38 92 c7 49 84 2e d3 37 da 1d 
              e9 b9 31 0f 49 a7 19 0d eb 50 a7 c3 a7 61 7d 0e 
              04 b7 f4 6c e3 6b 9e 09 cb 9c c5 cb b3 9c 1d c8 
              66 9e 39 45 cc e5 c3 a5 3a 6e de bf 7a 24 6b 48 
              53 b6 4a d2 4c 96 85 e3 15 2d 71 ff dd 3d 02 47 
              c8 33 32 50 e5 dd ea 96 0d 80 07 c1 68 38 a6 97 
              ab 21 06 39 0e cd 26 95 5c 9e 60 ba 8d ca 7c 2c 
              b2 c3 4d 07 a3 f1 3b 19 fb c1 98 c0 df 03 6a 56 
              9e cb e2 d5 00 4d e3 11 1a c0 7f 7d 48 35 0c df 
              89 41 79 32 c4 06 fa f2 c7 db da 19 31 ee 62 55 
              6f 49 91 b8 90 cf b7 d5 81 41 0e ef cc 27 ba 76 
              ac 46 79 00 67 59 96 db 94 67 70 15 e1 ff 8f e2 
              bf 83 01 7a ba 37 13 03 a2 29 76 a4 15 c8 f2 2d 
              fa 7c 30 d9 77 f8 ae 37 ae aa 45 18 36 32 62 c3 

              Exponent (24 bits):
              65537
 Extensions
  Certificate Subject Alt Name     Not Critical
              DNS Name: cl2.apple.com
              DNS Name: cl3.apple.com
              DNS Name: cl4.apple.com
              DNS Name: cl5.apple.com
              DNS Name: cl1.apple.com
  Certificate Basic Constraints     Not Critical
              Is not a Certificate Authority
  Certificate Key Usage       Critical
              Signing
              Key Encipherment
  Extended Key Usage        Not Critical
              TLS Web Server Authentication (1.3.6.1.5.5.7.3.1)
              TLS Web Client Authentication (1.3.6.1.5.5.7.3.2)
  Certificate Policies       Not Critical
              2.16.840.1.113733.1.7.23.6:
              Extended Validation (EV) SSL Server Certificate
                Certification Practice Statement pointer:
               https://d.symcb.com/cps
                User Notice: 
               https://d.symcb.com/rpa
  Certificate Authority Key Identifier   Not Critical
              Size: 20 Bytes / 160 Bits
              01 59 ab e7 dd 3a 0b 59 a6 64 63 d6 cf 20 07 57 
              d5 91 e7 6a 
  CRL Distribution Points       Not Critical
              URI: http://sr.symcb.com/sr.crl
  Authority Information Access     Not Critical
              OCSP: URI: http://sr.symcd.com
              CA Issuers: URI: http://sr.symcb.com/sr.crt
  Object Identifier (1 3 6 1 4 1 11129 2 4 2)  Not Critical
              Size: 367 Bytes / 2936 Bits
              04 82 01 6b 01 69 00 76 00 dd eb 1d 2b 7a 0d 4f 
              a6 20 8b 81 ad 81 68 70 7e 2e 8e 9d 01 d5 5c 88 
              8d 3d 11 c4 cd b6 ec be cc 00 00 01 52 c6 ce da 
              9f 00 00 04 03 00 47 30 45 02 20 19 d1 9c e7 4c 
              e9 50 50 a1 03 d5 f8 82 c6 55 ce c4 08 15 a8 f2 
              e5 d0 62 3f ab 15 7e 0e 49 51 60 02 21 00 ec 0d 
              8d 4d 08 64 7e 42 bd 74 ca 6a 31 14 23 9f 95 29 
              4d 94 18 dc a3 76 58 ad f6 10 71 9a 1c 3b 00 76 
              00 a4 b9 09 90 b4 18 58 14 87 bb 13 a2 cc 67 70 
              0a 3c 35 98 04 f9 1b df b8 e3 77 cd 0e c8 0d dc 
              10 00 00 01 52 c6 ce da e4 00 00 04 03 00 47 30 
              45 02 20 65 b4 68 4e 35 9c 02 7b 8a 6b 38 58 3f 
              b1 59 d7 4c a4 d8 8f b0 83 b1 ea da 40 47 ed 85 
              cd ef f4 02 21 00 ea 72 73 21 9a 7a b0 b1 7a 9d 
              c0 77 c5 99 e7 cf ae 65 e0 c9 d2 9f be 45 bd fe 
              f3 29 16 c4 b8 0c 00 77 00 68 f6 98 f8 1f 64 82 
              be 3a 8c ee b9 28 1d 4c fc 71 51 5d 67 93 d4 44 
              d1 0a 67 ac bb 4f 4f fb c4 00 00 01 52 c6 ce da 
              e9 00 00 04 03 00 48 30 46 02 21 00 95 41 a8 0e 
              49 9f d9 e4 8b d0 2f be 10 18 70 d2 eb 92 6b a7 
              fe f8 00 5b cc 46 0f e2 55 79 c0 39 02 21 00 b7 
              d9 a9 78 6f 34 0e 13 0e 6f 1b 98 ed 83 12 8b 4a 
              04 e4 2d 44 da 67 0c 60 e8 07 cc 36 9f dc a2 
 Certificate Signature Algorithm      PKCS #1 SHA-256 With RSA Encryption
 Certificate Signature Value       Size: 256 Bytes / 2048 Bits
              9c bf 64 a3 1e 63 8f cf be 24 e9 9b 98 86 1f 49 
              78 08 27 a7 47 e3 d9 78 65 bd 90 cf c1 e8 6f 96 
              11 08 3f 88 66 ab 4d 2c 49 1e 36 2b 63 86 a2 60 
              f6 7b a6 fc b2 84 6e e6 19 14 84 85 77 98 bb 8f 
              9c 44 33 52 27 52 d4 fb 75 cf 16 46 8e 8b c7 fc 
              2c cd 2f e5 fd 07 69 97 5d a1 b6 57 93 42 81 a5 
              bf b7 35 da 03 54 4d 77 da fe 9b 1b a1 49 ed e2 
              52 79 1d c8 51 58 34 fb ad a0 7f 60 b8 f2 94 a7 
              96 d9 12 62 7a 98 33 ff e6 d4 94 dc 96 b5 09 6b 
              15 83 2b a9 b5 16 f3 b6 9b 69 8d c1 14 3f 43 27 
              49 2d 1c 6f 17 01 b8 5f f0 f7 55 fb bb 46 4b a4 
              ac 90 68 6e e1 bb 77 f3 51 3a c9 a0 6a 2a 8c 53 
              dc 4e 51 90 be f1 29 79 74 bd 35 fd 02 e4 c6 a7 
              ae e6 ac 39 ee 9e a3 09 82 a7 b3 d1 26 44 a0 b7 
              f9 ec ef 49 73 cd fb 9f bf 60 8c 2a 17 16 91 07 
              69 55 91 fb cf 1d 0d 2b 3d a4 9c d8 bb 3c 40 7c

Subject
CN = cl1.apple.com
OU = Internet Services for Akamai
O = Apple Inc.

Akamai came up when I was searching for other discussion of this problem:

"requested URL" "invalid reference" akamai - Google Search

I converted this computer to Windows 10 about a month ago, so in an attempt to resolve this problem, I restored the previous system (Windows 7). Having done that, Google works fine - no more Invalid URL problem! That would seem to rule out anything external to the computer (DNS, network issues, etc.). Perhaps the problem was in some aspect of Windows 10 security although I couldn't find any security setting (e.g. family settings) that was in force.

At some point, I will want to migrate to Windows 10, so I would still appreciate any suggestions about the Invalid URL problem.

Some Windows 10 upgraders have found it helpful to reset the TCP/IP stack as described in this thread:

https://support.mozilla.org/questions/1075112

Otherwise, I'm not familiar with Windows 10-specific networking issues.

hi k14abmul

very very strange i have run windows 10 since it's public release with the microsoft anti-virus software and have no problems with firefox accessing any websites

of course i don't use add-ons and i only use windows monday-friday to run firefox so maybe that's why :-) ?

cheers!

...Roland

and i did the windows 7->8->10 dance on the same computer, i just use whatever the latest and greatest general availability release of Windows happens to be