X
Tap here to go to the mobile version of the site.

Support Forum

SAYS SITES ARE UNSECURE WON'T LET ME CONNECT

KC
Posted

SUDDENLY all sorts of websites I try to connect to say the site is not secure. Even ones I know are secure such as my bank.

Sometimes it "LETS ME" add an exception and sometimes I just can't connect and it is really really really annoying that my browsing is constantly interfered with.

How do I fix this problem. There is no way 5 sites a day or more are unsecure.

SUDDENLY all sorts of websites I try to connect to say the site is not secure. Even ones I know are secure such as my bank. Sometimes it "LETS ME" add an exception and sometimes I just can't connect and it is really really really annoying that my browsing is constantly interfered with. How do I fix this problem. There is no way 5 sites a day or more are unsecure.

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 15.10.20056
  • NPWLPG
  • Picasa plugin
  • Shockwave Flash 21.0 r0
  • 5.1.41212.0
  • iTunes Detector Plug-in

Application

  • Firefox 45.0.1
  • User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
  • Support URL: https://support.mozilla.org/1/firefox/45.0.1/WINNT/en-US/

Extensions

  • 1-Click YouTube Video Downloader 2.4.0.1-signed (YoutubeDownloader@PeterOlayev.com)
  • Adblock Plus 2.7.2 ({d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d})
  • Classic Theme Restorer 1.4.9 (ClassicThemeRestorer@ArisT2Noia4dev)
  • Classic Toolbar Buttons 1.4.9.5 (CSTBB@NArisT2_Noia4dev)
  • CookieKeeper 1.8.5.1-signed.1-let-fixed (cookiekeeper@cookiekeeper.mozdev.org)
  • Firefox Hello Beta 0.1 (loop@mozilla.org)
  • Flash Video Downloader - YouTube HD Download [4K] 9.5.1 (artur.dubovoy@gmail.com)
  • Imgur Uploader 1.0.6.1-signed (giorgio@gilestro.tk)
  • NewScrollbars (aka NoiaScrollbars) 1.2.5 (NoiaScrollbars@ArisT2_Noia4dev)
  • Old Default Image Style 3.0.6.1-signed (olddefaultimagestyle@dagger2-addons.mozilla.org)
  • Screengrab (fix version) 0.98.12c ({02450914-cdd9-410f-b1da-db004e18c671})
  • Show my Password 2.0.1-signed ({cd617372-6743-4ee4-bac4-fbf60f35719e})
  • Theme Font & Size Changer 44.6 ({f69e22c7-bc50-414a-9269-0f5c344cd94c})
  • Webmail Ad Blocker 4.29 (gmailnoads@mywebber.com)
  • LastPass 3.3.1 (support@lastpass.com) (Inactive)
  • Open In Chrome 1.6.2 (openinchrome@griffeltavla.wordpress.com) (Inactive)
  • Open With Google Chrome 44.0 ({3cc6c6ba-654c-417e-a8af-6997ac388ae1}) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: AMD Radeon(TM) R4 Graphics
  • adapterDescription2:
  • adapterDeviceID: 0x9851
  • adapterDeviceID2:
  • adapterDrivers: aticfx64 aticfx64 aticfx64 aticfx32 aticfx32 aticfx32 atiumd64 atidxx64 atidxx64 atiumdag atidxx32 atidxx32 atiumdva atiumd6a atitmm64
  • adapterDrivers2:
  • adapterRAM: 512
  • adapterRAM2:
  • adapterSubsysID: 06571028
  • adapterSubsysID2:
  • adapterVendorID: 0x1002
  • adapterVendorID2:
  • clearTypeParameters: Gamma: 2200 Pixel Structure: B ClearType Level: 0 Enhanced Contrast: 100
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 6.3.9600.18123
  • driverDate: 3-25-2014
  • driverDate2:
  • driverVersion: 13.302.1601.0
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d 1.1', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d 1.1', u'AzureSkiaAccelerated': 0}
  • isGPU2Active: False
  • numAcceleratedWindows: 1
  • numTotalWindows: 1
  • supportsHardwareH264: Yes
  • webglRenderer: Google Inc. -- ANGLE (AMD Radeon(TM) R4 Graphics Direct3D11 vs_5_0 ps_5_0)
  • windowLayerManagerRemote: True
  • windowLayerManagerType: Direct3D 11

Modified Preferences

Misc

  • User JS: No
  • Accessibility: No
cor-el
  • Top 10 Contributor
  • Moderator
17519 solutions 158412 answers

There is security software like Avast and Kaspersky and BitDefender and ESET that intercepts secure connections and sends their own certificate or that incorporates special web shielding features that can block content.

You can retrieve the certificate and check details like the issuer of the certificate and the certificate chain.

  • click "Advanced" to expand the error message
  • click "Add Exception" to open "Add Security Exception"

If this isn't possible then open "Add Security Exception" by pasting this URL in the location/address bar and paste the URL of the website (https://xxx.xxx) in it's location field.

  • chrome://pippki/content/exceptionDialog.xul

Let Firefox retrieve the certificate -> "Get Certificate"

  • click the "View" button and inspect the certificate

You can see details like the issuer of the certificate and intermediate certificates that are used in the Details tab.

Who is the issuer of the certificate?

There is security software like Avast and Kaspersky and BitDefender and ESET that intercepts secure connections and sends their own certificate or that incorporates special web shielding features that can block content. You can retrieve the certificate and check details like the issuer of the certificate and the certificate chain. *click "Advanced" to expand the error message *click "Add Exception" to open "Add Security Exception" If this isn't possible then open "Add Security Exception" by pasting this URL in the location/address bar and paste the URL of the website (https://xxx.xxx) in it's location field. *<b>chrome://pippki/content/exceptionDialog.xul</b> Let Firefox retrieve the certificate -> "Get Certificate" *click the "View" button and inspect the certificate You can see details like the issuer of the certificate and intermediate certificates that are used in the Details tab. Who is the issuer of the certificate?
cor-el
  • Top 10 Contributor
  • Moderator
17519 solutions 158412 answers

If you have an "Old Firefox Data" folder on the desktop then you can try to copy the cert8.db file from that folder to the current profile folder.

You can use this button to go to the current Firefox profile folder:

If you have an "Old Firefox Data" folder on the desktop then you can try to copy the cert8.db file from that folder to the current profile folder. You can use this button to go to the current Firefox profile folder: *Help > Troubleshooting Information > Profile Directory:<br>Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder *http://kb.mozillazine.org/Profile_folder_-_Firefox

Question owner

I don't always have the option to Add Security Exception - sometimes I can and sometimes I can't so that doesn't solve anything.

I don't always have the option to Add Security Exception - sometimes I can and sometimes I can't so that doesn't solve anything.

Question owner

Can I just delete Firefox and reinstall it I don't have time for looking for old profile - I don't understand how to do that

Can I just delete Firefox and reinstall it I don't have time for looking for old profile - I don't understand how to do that

Question owner

I don't have an Old Firefox Folder on my desktop.

I don't have an Old Firefox Folder on my desktop.
cor-el
  • Top 10 Contributor
  • Moderator
17519 solutions 158412 answers

Did you check the issuer of the certificate by using the above posted Chrome URL to open "Add Security Exception" via the location/address bar?

  • chrome://pippki/content/exceptionDialog.xul

Firefox uses the "chrome://" protocol to access its own internal files and also access files from extensions (no relation with Google Chrome).

Did you check the issuer of the certificate by using the above posted Chrome URL to open "Add Security Exception" via the location/address bar? *chrome://pippki/content/exceptionDialog.xul Firefox uses the "chrome://" protocol to access its own internal files and also access files from extensions (no relation with Google Chrome). *https://developer.mozilla.org/en/Chrome
jscher2000
  • Top 10 Contributor
8758 solutions 71655 answers

Hi KC, uninstalling/reinstalling is not likely to help.

Note that you should NEVER need to add an exception for a well-run website, so it's important to sort out why your Firefox thinks the site certificates are invalid.

When you get untrusted connection errors for pretty much all secure sites, the problem usually is one of the following:

(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.

(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites.

(3) On Windows 10 (and for some users Windows 8.1), Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: http://windows.microsoft.com/en-us/wi.../turn-off-microsoft-family-settings)

(4) Malware on your system intercepting secure connections.

If you have any of those specific security products:

That would be the first thing to check. This support article will walk you through it: How to troubleshoot security error codes on secure websites.

If none of those ring a bell:

You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:

Load my test page at: https://jeffersonscher.com/res/jstest.php

You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

Hi KC, uninstalling/reinstalling is not likely to help. Note that you should NEVER need to add an exception for a well-run website, so it's important to sort out why your Firefox thinks the site certificates are invalid. When you get untrusted connection errors for pretty much all secure sites, the problem usually is one of the following: (1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem. (2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites. (3) On Windows 10 (and for some users Windows 8.1), Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: [http://windows.microsoft.com/en-us/windows-10/turn-off-microsoft-family-settings]) (4) Malware on your system intercepting secure connections. ''If you have any of those specific security products:'' That would be the first thing to check. This support article will walk you through it: [[How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites]]. ''If none of those ring a bell:'' You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting: Load my test page at: https://jeffersonscher.com/res/jstest.php You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button. ''Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.'' Click Add Exception, and the certificate exception dialog should open. Click the View button. If View is not enabled, try the Get Certificate button first. This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.
ratpacker 1 solutions 14 answers

jscher2000: I tried to copy an old version of cert8.db to my profile but that changed nothing.

That last solution where you mention "You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button." and then look at the certificates was the most helpful. I looked at the list and my yahoo mail bookmark that I used was not on the list. So I Googled Yahoo, clicked on mail, and a new URL came up (only the very last part of the URL was different). I clicked on that new URL and could login and see my mail. Yahoo might have changed the format of the last part of its URL (it uses a random number generator, but there is a difference in the code just before that number). That URL is not listed in the list of accepted certifications, however, but Firefox allowed it to open. So the question may be settled now, but not tomorrow or one hour from now.

jscher2000: I tried to copy an old version of cert8.db to my profile but that changed nothing. That last solution where you mention "You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button." and then look at the certificates was the most helpful. I looked at the list and my yahoo mail bookmark that I used was not on the list. So I Googled Yahoo, clicked on mail, and a new URL came up (only the very last part of the URL was different). I clicked on that new URL and could login and see my mail. Yahoo might have changed the format of the last part of its URL (it uses a random number generator, but there is a difference in the code just before that number). That URL is not listed in the list of accepted certifications, however, but Firefox allowed it to open. So the question may be settled now, but not tomorrow or one hour from now.