X
Tap here to go to the mobile version of the site.
Scheduled maintenance: Thursday, April 2, between 3pm and 5pm UTC. This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn’t solve your issue and you want to ask a question, we have our support community waiting to help you at @firefox on Twitter

Support Forum

http websites wont work with windows 10

Posted

Basically a lot of websites wont work on my firefox with windows 10, such as google, youtube, twitter and facebook, the error i get is:

This Connection is Untrusted

You have asked Firefox to connect securely to www.youtube.com, but we can't confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do?

If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Basically a lot of websites wont work on my firefox with windows 10, such as google, youtube, twitter and facebook, the error i get is: This Connection is Untrusted You have asked Firefox to connect securely to www.youtube.com, but we can't confirm that your connection is secure. Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do? If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Chosen solution

curtcurt said

its Microsoft Family Safety

If you do not need those parental controls, you can turn off that feature.

If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.)

Read this answer in context 2

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 11.0.12
  • Creative Cloud Desktop Plugin.v_2_0_0_0
  • AppWorld NPAPI plugin
  • DivX Web Player version 3.2.3.1164
  • DivX VOD Helper Plug-in
  • Logitech Harmony Remote Plugin
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 11.40.2 for Mozilla browsers
  • Office Authorization plug-in for NPAPI browsers
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • NPWLPG
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • BlackBerry WebSL Browser Plug-In
  • Shockwave Flash 18.0 r0
  • 5.1.40416.0
  • Unity Player 4.5.4f2
  • iTunes Detector Plug-in

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0

More Information

FredMcD
  • Top 10 Contributor
4394 solutions 61644 answers
https://support.mozilla.org/en-US/kb/server-not-found-connection-problem https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message https://support.mozilla.org/en-US/kb/connection-untrusted-error-message '''http://kb.mozillazine.org/Error_loading_websites''' '''This Connection is Untrusted''' is sometimes caused because the computer system clock is wrong. Check the time / date / time zone settings.
cor-el
  • Top 10 Contributor
  • Moderator
17857 solutions 161589 answers

Helpful Reply

If you can't inspect the certificate via "I Understand the Risks" then try this:

Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:

  • chrome://pippki/content/exceptionDialog.xul

In the location field type/paste the URL of the website

  • retrieve the certificate via the "Get certificate" button
  • click the "View..." button to inspect the certificate in the Certificate Viewer

You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate.

If you can't inspect the certificate via "I Understand the Risks" then try this: Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate: *chrome://pippki/content/exceptionDialog.xul In the location field type/paste the URL of the website *retrieve the certificate via the "Get certificate" button *click the "View..." button to inspect the certificate in the Certificate Viewer You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate.
jscher2000
  • Top 10 Contributor
8953 solutions 73379 answers

Helpful Reply

In addition to the system date, time, and time zone, a common reason for this problem is your security software. If it filters your web connections, it typically needs to present "fake" certificates to Firefox in order to be able to decrypt and scan secure communications.

If you use Avast, Bitdefender, ESET or Kaspersky, when you check the certificates the way cor-el explained, you should see your security software in the "Issued by" section. If you see a pattern of something or someone else being listed there, that could indicate malware.

In addition to the system date, time, and time zone, a common reason for this problem is your security software. If it filters your web connections, it typically needs to present "fake" certificates to Firefox in order to be able to decrypt and scan secure communications. If you use Avast, Bitdefender, ESET or Kaspersky, when you check the certificates the way cor-el explained, you should see your security software in the "Issued by" section. If you see a pattern of something or someone else being listed there, that could indicate malware.

Question owner

cor-el said

If you can't inspect the certificate via "I Understand the Risks" then try this: Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:
  • chrome://pippki/content/exceptionDialog.xul
In the location field type/paste the URL of the website
  • retrieve the certificate via the "Get certificate" button
  • click the "View..." button to inspect the certificate in the Certificate Viewer
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate.

its Microsoft Family Safety

''cor-el [[#answer-761101|said]]'' <blockquote> If you can't inspect the certificate via "I Understand the Risks" then try this: Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate: *chrome://pippki/content/exceptionDialog.xul In the location field type/paste the URL of the website *retrieve the certificate via the "Get certificate" button *click the "View..." button to inspect the certificate in the Certificate Viewer You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate. </blockquote> its Microsoft Family Safety
jscher2000
  • Top 10 Contributor
8953 solutions 73379 answers

Chosen Solution

curtcurt said

its Microsoft Family Safety

If you do not need those parental controls, you can turn off that feature.

If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.)

''curtcurt [[#answer-761117|said]]'' <blockquote> its Microsoft Family Safety </blockquote> If you do not need those parental controls, you can turn off that feature. If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.)

Question owner

jscher2000 said

curtcurt said
its Microsoft Family Safety

If you do not need those parental controls, you can turn off that feature.

If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.)

Yeah i took it off and everythings good now, thanks for the help everyone

''jscher2000 [[#answer-761135|said]]'' <blockquote> ''curtcurt [[#answer-761117|said]]'' <blockquote> its Microsoft Family Safety </blockquote> If you do not need those parental controls, you can turn off that feature. If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.) </blockquote> Yeah i took it off and everythings good now, thanks for the help everyone
FredMcD
  • Top 10 Contributor
4394 solutions 61644 answers

Hello,

I am glad to hear that your problem has been resolved. If you haven't already, please select the answer that solves the problem. This will help other users with similar problems find the solution more easily.

Thank you for contacting Mozilla Support.

Hello, I am glad to hear that your problem has been resolved. If you haven't already, please select the answer that solves the problem. This will help other users with similar problems find the solution more easily. Thank you for contacting Mozilla Support.
creigsmith 0 solutions 6 answers

I had this problem too after upgrading to Win10Pro. (Everything was working under Win7Pro.) I'm pretty sure it wasn't a Microsoft Family Safety issue. But after looking at other posts (cor-el, jsher2000), and tracking down the CA chain for the certificates that failed, I found that a Bitdefender certificate was at the root, that was in Win10's cert store, but not in Firefox's. Exporting the Bitdefender cert from Win10 and importing to FF fixed the problem. Since I am using Bitdefender, jsher2000's description that security software like Bitdefender create their own fake certs so they can inspect the packets seems to partly explain this. What I don't understand is why it stopped working when upgrading to Win10. Did the Win10 installer invade FF's cert store and remove just the Bitdefender cert? (A possibility, if MS knows it's used to create fake certs and wants to protect against fakes, but I doubt it. The Win10 installer removed at least one of my programs, which I guess MS knows was incompatible with Win10.) Did FF used to look into Win7's cert store if it didn't find a cert in it's own cert store, and upgrading to Win10 confused FF as to where to find the Windows certs? Or did Bitdefender suddenly start using a new CA cert and neglected putting it into FF's store? (Bitdefender did insist on upgrading immediately after Win10 was installed.) If it's the 2nd option, could there be more problems with other certs? This also has me concerned -- if Bitdefender can inject itself into the store of certs in such a way that it becomes the "man in the middle", what's stopping some malware from doing the same? Also, I don't see Bitdefender as the root CA for every website I visit, so why does Bitdefender intervene with some websites, and not others? Also, I thought the whole idea how CAs are chained was supposed to make "man in the middle" impossible. But it's not impossible if you can get the browser to trust the fake certs.

I had this problem too after upgrading to Win10Pro. (Everything was working under Win7Pro.) I'm pretty sure it wasn't a Microsoft Family Safety issue. But after looking at other posts (cor-el, jsher2000), and tracking down the CA chain for the certificates that failed, I found that a Bitdefender certificate was at the root, that was in Win10's cert store, but not in Firefox's. Exporting the Bitdefender cert from Win10 and importing to FF fixed the problem. Since I am using Bitdefender, jsher2000's description that security software like Bitdefender create their own fake certs so they can inspect the packets seems to partly explain this. What I don't understand is why it stopped working when upgrading to Win10. Did the Win10 installer invade FF's cert store and remove just the Bitdefender cert? (A possibility, if MS knows it's used to create fake certs and wants to protect against fakes, but I doubt it. The Win10 installer removed at least one of my programs, which I guess MS knows was incompatible with Win10.) Did FF used to look into Win7's cert store if it didn't find a cert in it's own cert store, and upgrading to Win10 confused FF as to where to find the Windows certs? Or did Bitdefender suddenly start using a new CA cert and neglected putting it into FF's store? (Bitdefender did insist on upgrading immediately after Win10 was installed.) If it's the 2nd option, could there be more problems with other certs? This also has me concerned -- if Bitdefender can inject itself into the store of certs in such a way that it becomes the "man in the middle", what's stopping some malware from doing the same? Also, I don't see Bitdefender as the root CA for every website I visit, so why does Bitdefender intervene with some websites, and not others? Also, I thought the whole idea how CAs are chained was supposed to make "man in the middle" impossible. But it's not impossible if you can get the browser to trust the fake certs.
jscher2000
  • Top 10 Contributor
8953 solutions 73379 answers

Hi creigsmith, I think when BitDefender updated it changed its signing certificate, so the certificate previously stored by Firefox was obsolete and the trust relationship was broken until you imported the new certificate. I think that also is happening with Avast users upgrading to Windows 10.

Apparently the installers do update the Windows certificate store immediately so that Edge and IE and Chrome (which uses the system certificate store) can work with the new certificate transparently, but there seems to be the occasional delay or failure in updating Firefox's separate certificate store.

This also has me concerned -- if Bitdefender can inject itself into the store of certs in such a way that it becomes the "man in the middle", what's stopping some malware from doing the same?

Good question. Yes, any software that can execute on your system with a sufficient level of privileges has a good chance of being able to insert certificates into those files. It's a good reason to exercise caution when adding software to the computer, particularly in an age where "free" software often is bundled with lots of, um, garbage.

Also, I don't see Bitdefender as the root CA for every website I visit, so why does Bitdefender intervene with some websites, and not others?

I don't have any personal experience with BitDefender, but unless this feature is site-specific, I would expect it to be monitoring all traffic (evident with HTTPS traffic, invisibly with HTTP traffic).

Hi creigsmith, I think when BitDefender updated it changed its signing certificate, so the certificate previously stored by Firefox was obsolete and the trust relationship was broken until you imported the new certificate. I think that also is happening with Avast users upgrading to Windows 10. Apparently the installers do update the Windows certificate store immediately so that Edge and IE and Chrome (which uses the system certificate store) can work with the new certificate transparently, but there seems to be the occasional delay or failure in updating Firefox's separate certificate store. <blockquote>This also has me concerned -- if Bitdefender can inject itself into the store of certs in such a way that it becomes the "man in the middle", what's stopping some malware from doing the same?</blockquote> Good question. Yes, any software that can execute on your system with a sufficient level of privileges has a good chance of being able to insert certificates into those files. It's a good reason to exercise caution when adding software to the computer, particularly in an age where "free" software often is bundled with lots of, um, garbage. <blockquote>Also, I don't see Bitdefender as the root CA for every website I visit, so why does Bitdefender intervene with some websites, and not others? </blockquote> I don't have any personal experience with BitDefender, but unless this feature is site-specific, I would expect it to be monitoring all traffic (evident with HTTPS traffic, invisibly with HTTP traffic).