X
Tap here to go to the mobile version of the site.

Support Forum

Firefox fails https with vpn

Posted

I'm using F-secure Freedom for my VPN. I noticed that Firefox (only Firefox) cannot connect to any httpS sites as it tells me the certificate for any site (Google for example) is invalid.

Changing the proxy settings within Firefox does not help. Doesn't matter if I use current, beta, or developer build either.

I'm using F-secure Freedom for my VPN. I noticed that Firefox (only Firefox) cannot connect to any httpS sites as it tells me the certificate for any site (Google for example) is invalid. Changing the proxy settings within Firefox does not help. Doesn't matter if I use current, beta, or developer build either.

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36

More Information

FredMcD
  • Top 10 Contributor
4266 solutions 59816 answers
What is your computer system and Firefox? ---------------- http://www.ehow.com/how_11385212_troubleshoot-reset-connection-firefox.html https://support.mozilla.org/en-US/kb/server-not-found-connection-problem https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message https://support.mozilla.org/en-US/kb/connection-untrusted-error-message '''http://kb.mozillazine.org/Error_loading_websites''' '''This Connection is Untrusted''' is sometimes caused because the computer system clock is wrong. Check the time / date / time zone settings.

Question owner

My time and date is correct. I have Google searched this and all those links I have tried.

My time and date is correct. I have Google searched this and all those links I have tried.
jscher2000
  • Top 10 Contributor
8783 solutions 71835 answers

So this problem only exists when using the F-Secure Freedome VPN -- if you turn off the VPN and connect directly to the same sites, the problem goes away?

I noticed the Freedome product has filtering -- "Safe Surfing", possibly an option you turn on/off -- which usually involves intercepting secure connections and presenting Firefox with a "fake" site certificate. Security products usually set up Firefox automatically to trust the signing certificate they use for the fake certificates, but in some cases, the trust is broken (e.g., after using the Refresh feature) or not yet established (in cases where you need to install in a particular order, Firefox then security or the other way around).

If you don't get a quick solution here, I suggest trying F-Secure's forum, too: https://community.f-secure.com/t5/F-Secure/bd-p/freedome

So this problem ''only'' exists when using the F-Secure Freedome VPN -- if you turn off the VPN and connect directly to the same sites, the problem goes away? I noticed the Freedome product has filtering -- "Safe Surfing", possibly an option you turn on/off -- which usually involves intercepting secure connections and presenting Firefox with a "fake" site certificate. Security products usually set up Firefox automatically to trust the signing certificate they use for the fake certificates, but in some cases, the trust is broken (e.g., after using the Refresh feature) or not yet established (in cases where you need to install in a particular order, Firefox then security or the other way around). If you don't get a quick solution here, I suggest trying F-Secure's forum, too: https://community.f-secure.com/t5/F-Secure/bd-p/freedome
jscher2000
  • Top 10 Contributor
8783 solutions 71835 answers

By the way, the usual roundabout method for copying a security company's signing certificate from the Windows certificate store (used by Chrome, IE, and Edge) to Firefox's certificate store is described in the following thread: sec_error_bad_signature only via proxy for https website. That might not be the easiest approach in this case, but might be needed in the end.

By the way, the usual roundabout method for copying a security company's signing certificate from the Windows certificate store (used by Chrome, IE, and Edge) to Firefox's certificate store is described in the following thread: [https://support.mozilla.org/questions/1068675 sec_error_bad_signature only via proxy for https website]. That might not be the easiest approach in this case, but might be needed in the end.

Modified by jscher2000