You should never need to add security exceptions for well-run sites.

Usually when you get "unstyled" pages on secure sites it indicates that Firefox is not set up to work with security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites. Also on Windows 10, the parental control software Microsoft Family Safety.

If you have any of those specific security products:

This support article will walk you through how to check whether that is the issue: How to troubleshoot security error codes on secure websites.

If you do not use any of those:

Then we would become concerned that you might have contracted a malware infection. We can suggest further steps to investigate.

I wasn't familiar with ProofPoint URL Defense. It sounds like a product for business email systems that modifies the links in email messages to run through a security check when you click them. Does that sound like where you see the messages?

Thank you for your support - but did not work. Ran Malware program - no issues...no threats...no problem. What is extremely puzzling is everytime I go to firefox/google something from my account on this computer (only through firefox) I get words/text coming up. Even when I try to get to Mozilla. I have cleared everything; refreshed and still issues. BUT then when I go to my husband's account on this computer...there are no issues at all. It makes me think it is a setting or clearly something in my files. I checked all his regular Mozilla/Firefox/Settings (add-ons; General, Network, etc.) and they are the same as mine.

Here is another example just now:

The owner of fhr.cdn.mozilla.net has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…(and when I click I get this)

   Skip to main content
   Switch language
   Skip to search

X Tap here to go to the mobile version of the site. mozilla

   Ask a question
   Sign In
   English

Again, Text/WORDS - that's it.

When I go to advanced, I get this:

fhr.cdn.mozilla.net uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER

WILD!!

Also: I found one string that recommended seeing if can open:https://mozorg.cdn.mozilla.net/media/css/tabzilla-min.css

No. I got this:

The owner of addons.cdn.mozilla.net has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

It also asked if I could open:https://addons.cdn.mozilla.net/media/css/zamboni/impala-min.css

And I got more of same.

And too, along with the above...I have checked time, date and region. All correct and current to the minute of the year/day.

Are there any HTTPS sites you can open?

I often suggest trying my test page here:

https://www.jeffersonscher.com/res/jstest.php

If you do not get an error page, stop. The rest of this is not going to be relevant.

Expand the "Advanced" button and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

HI - I got an error message:

The owner of www.jeffersonscher.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Okay, perfect, so click the "Advanced" button to display the technical discussion, and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

Right-O (I am unable to screen shot but this is what it said: BY: ESET, SSL Filter CA ORG: ESET, SPOL, S.R.O Not part of Certificate SHA-256 Fingerprint 95:8E:C8:27:A2:91:7F:E0:5F:F1:2B:03:4F:7E:B0:46:37:9F:5F:B7:73:81:50:C5:D4:F8:FA:86:9F:E4:BA:78 SHA1-Fingerprint 58:1C:14:C3:C0:F7:41:17:55:69:4F:A7:E1:6A:BB:75:ED:FF:70:1D

Organizational Unit: Not part of certificate

Serial number: 4F:1A:61:52:E3:AA:64:89:76:CF:84:F4:88:47:25:00

Validity begins on: Tuesday, July 22, 2014 Expires on: Monday, July 25, 2016

Under Details: Hierarchy is www.jeffersonscher.com

ESET probably sounds familiar if you are running nod32 or other ESET security software. You have two options:

(1) Set ESET not to filter HTTPS connections, or (2) Set up Firefox to "trust" the fake certificates that ESET generates for websites

The steps for #1 were covered in the above-referenced support article, How to troubleshoot security error codes on secure websites.

For #2, sometimes just restarting Windows will trigger ESET to do the set up for you. Otherwise, I'll need to look up a past thread to find the detailed steps for doing it by hand.

I have ESET-NOD32 Antivirus 9 and the information from the other strings are for 8 or earlier. And NONE of the images or pieces of information follow how this ESET-NOD32 Antivirus 9 is set up.

Also, don't you find it interesting that there are two accounts on this computer (Windows11) - and one account works the Firefox Mozilla perfectly...it is only the one in my account.

It seems logical to think that if the ESET was the problem on my Account on this computer...it would also be an issue for the other account (which it is not).

Is that indeed logical to think that? Since ESET is set up for both accounts on this computer?

Each Windows user typically has a separate Firefox profile, and each Firefox profile has its own certificates file (cert8.db). Exceptions one user saves or certificates she imports into Firefox in one profile are not automatically copied to other profiles.

I can't tell you how ESET software determines where to add its certificate; it's not something I recall reading about in their manual. But I can say that it's easy to break trust with ESET software because any time an ESET user uses the Firefox Refresh feature, they have this problem until trust is reestablished.

I last looked this up in December, so it's possible there was an update in the meantime:

Version 9: http://download.eset.com/manuals/eset_ess_9_userguide_enu.pdf

• See section 4.2.3.4 SSL/TLS
  (and sub-section 4.2.3.4.1 Certificates)
• Advanced Setup(?): Web and Email > SSL/TLS

Whoops, that was for ESET Smart Security. For nod32:

Version 9: http://download.eset.com/manuals/eset_eav_9_userguide_enu.pdf

The relevant section numbers look the same.

Thank you- but I have working on this again for another whole day. This document looks like Greek right now. I am stunned that downloading and trying to make my Firefox/Mozilla work....just does not. It would seem like uninstalling and reinstalling might help. And all the other hours of email strings and directions I have followed....for literally days now. I may start again tomorrow. I was my favorite. But that is wearing thin...

Thank you, I may try again tomorrow. I appreciate your emails. I am hopeful I may find a solution but at this point, I can use Edge or Chrome...or the other account. I need to take a break. Thanks

Question, you had noted above that the (cert8.db) was different on each account. I saw an email string earlier when I was attempting to fix it that stated that could be removed (and added again?).

Is there anyway to delete all the files on my system and try to reload? I have uninstalled several times...but it continues to do the same thing with my account on this computer.

I have also written details to ESET-NOD32 Antivirus 9

If the cert8.db file is removed, Firefox will generate a new one. The new one will have the same problem (i.e., the ESET certificate won't be in there).

Doing a full uninstall of Firefox and deleting all your settings would have the same effect. In other words, no progress.

You could use the cert8.db file from your husband's Firefox profile in place of yours, since that one sounds like it's already set up to work with ESET. This involves several steps:

(1) Open your current Firefox settings (AKA Firefox profile) folder using either

• "3-bar" menu button > "?" button > Troubleshooting Information
• (menu bar) Help > Troubleshooting Information
• type or paste about:support in the address bar and press Enter

In the first table on the page, click the "Show Folder" button. This should launch a new window listing various files and folders in Windows Explorer.

(2) Leaving that window open, switch back to Firefox and Exit, either:

• "3-bar" menu button > "power" button
• (menu bar) File > Exit

Pause while Firefox finishes its cleanup, then rename cert8.db to something like cert8.old.

(3) Set Windows to let you view hidden files and folders using the steps in this article: http://windows.microsoft.com/en-us/windows/show-hidden-files

(4) In a separate window, drill down into your husband's profile folder to find his cert8.db file. As a starting point, you can type or paste C:\Users\ into the Windows search bar and press Enter. Then explore:

C:\Users\his-username\AppData\Roaming\Mozilla\Firefox\Profiles

At that point, if there's only one semi-randomly-named folder, double-click into that one, and look for cert8.db. (If there are multiple profile folders, check for the most recently updated.)

Right-click > Copy the file, then switch over to your own profile folder and right-click > Paste in a blank area of the list.

When you start Firefox back up again, Firefox should use the copied file and trust sites filtered by ESET. Success?

ESS 9: Advanced Setup -- Web and Email --- SSL/TLS

Root certificate then uncheck "Add the root certificate to know browsers"
SSL protocol: Do not scan SSL protocol

HTTPS websites fail to load or you receive the error message "Connection is untrusted" when using your web browser with ESET products:

http://support.eset.com/kb3126/