X
Tap here to go to the mobile version of the site.

Support Forum

FIrefox incorrectly reporting pages as insecure

Posted

Several sites are blocked for me in spite of being well known reputable (i think!) sites.

Santander Personal Banking and Daybreak games are examples. Take daybreakgames. URL is:

https://auth.daybreakgames.com/login?service=https%3A%2F%2Fwww.daybreakgames.com%2Fj_spring_cas_security_check&theme=dgc&locale=en_US

I get the following message:

<<< The connection to auth.daybreakgames.com was interrupted while the page was loading.

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

>>>

If I click the (i) icon in the address bar to see site certificate info I see 'connection is not secure' Your connection to this server is not private.

Yes it is, it's HTTPS

I open the same site in Chrome (speak of the devil!) and it reports a valid certifificate, the connection is secure TLS (doesn't specify version) and that all resources on the server are served securely.

So who's right? I'm pretty damn sure a mid sized organisation like daybreakgames and a large bank like Santander are in fact secured by https

Any hints to kick firefox into some kind of sense appreciated.

Cheers

S

Several sites are blocked for me in spite of being well known reputable (i think!) sites. Santander Personal Banking and Daybreak games are examples. Take daybreakgames. URL is: https://auth.daybreakgames.com/login?service=https%3A%2F%2Fwww.daybreakgames.com%2Fj_spring_cas_security_check&theme=dgc&locale=en_US I get the following message: <<< The connection to auth.daybreakgames.com was interrupted while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. >>> If I click the (i) icon in the address bar to see site certificate info I see 'connection is not secure' Your connection to this server is not private. Yes it is, it's HTTPS I open the same site in Chrome (speak of the devil!) and it reports a valid certifificate, the connection is secure TLS (doesn't specify version) and that all resources on the server are served securely. So who's right? I'm pretty damn sure a mid sized organisation like daybreakgames and a large bank like Santander are in fact secured by https Any hints to kick firefox into some kind of sense appreciated. Cheers S

Chosen solution

Hi Cor-el

Thanks for helping.

I've mostly fixed this, a long time ago I had changed security.tls.version.max to 1, this was a long time ago and when I logged in to Firefox it obviously had kept this setting.

This fixed the daybreakgames site. But there's still an issue with Santander, but now the link to accept the lower security works.

If I click on the (i) icon in the address bar it says that santander uses 'weak encryption'. So I guess this means Santander is at fault? I'm very surprised.

I will mark this as completed, thanks everyone for your time.

Read this answer in context 3

Additional System Details

Installed Plug-ins

  • Google Update
  • The plugin allows you to have a better experience with Microsoft SharePoint
  • LastPass Plugin
  • NPWLPG
  • 5.1.41212.0

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0

More Information

FredMcD
  • Top 10 Contributor
3740 solutions 51379 answers

Helpful Reply

There is security software like Avast and Kaspersky and BitDefender and ESET that intercept secure connections and send their own certificate.

http://www.ehow.com/how_11385212_troubleshoot-reset-connection-firefox.html

https://support.mozilla.org/en-US/kb/server-not-found-connection-problem

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

http://kb.mozillazine.org/Error_loading_websites

This Connection is Untrusted is sometimes caused because the computer system clock is wrong. Check the time / date / time zone settings.

There is security software like Avast and Kaspersky and BitDefender and ESET that intercept secure connections and send their own certificate. http://www.ehow.com/how_11385212_troubleshoot-reset-connection-firefox.html https://support.mozilla.org/en-US/kb/server-not-found-connection-problem https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message https://support.mozilla.org/en-US/kb/connection-untrusted-error-message '''http://kb.mozillazine.org/Error_loading_websites''' '''This Connection is Untrusted''' is sometimes caused because the computer system clock is wrong. Check the time / date / time zone settings.

Question owner

Hi Fred

Many thanks for taking the time to reply.

The time/date settings are correct (NZ) and I'm just using the default Windows 10 security. This machine was very recently re-installed so it's almost a vanilla FF installation. I had this problem with Santander before the clean install as well.

Hi Fred Many thanks for taking the time to reply. The time/date settings are correct (NZ) and I'm just using the default Windows 10 security. This machine was very recently re-installed so it's almost a vanilla FF installation. I had this problem with Santander before the clean install as well.
FredMcD
  • Top 10 Contributor
3740 solutions 51379 answers

Check your security software.

Check your security software.

Question owner

About all you can do is disable the default W10 defender which I have tried, also adding and removing a firefox exclusion

Have tried running FF in safe mode

Ensured it's not trying to connect via proxy

Cleared cache

IE11 and Chrome both connect without issue

Deleted cert8.db

About all you can do is disable the default W10 defender which I have tried, also adding and removing a firefox exclusion Have tried running FF in safe mode Ensured it's not trying to connect via proxy Cleared cache IE11 and Chrome both connect without issue Deleted cert8.db

Modified by Simbosan

philipp
  • Top 25 Contributor
  • Moderator
5127 solutions 22715 answers

hi, can you give us the following information about the issue with santander?:

  • what is the error code shown when you click on advanced on that error page?
  • please also give us more information about the error by clicking on the error code, copying the text to the clipboard and then pasting it here into a reply in the forum.

thank you!

hi, can you give us the following information about the issue with santander?: * what is the '''error code''' shown when you click on ''advanced'' on that error page? * please also give us more information about the error by clicking on the error code, copying the text to the clipboard and then pasting it here into a reply in the forum. thank you!

Question owner

Hi Phillip

Thanks for responding:

The error page is different for Santander, but the info from the address bar icon is the same:

Page <<< Your connection is not secure

The owner of retail.santander.co.uk has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Learn more…

Report errors like this to help Mozilla identify and block malicious sites

retail.santander.co.uk uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. Advanced info: SSL_ERROR_NO_CYPHER_OVERLAP (Not secure) Try loading retail.santander.co.uk using outdated security

>>>

Icon <<< retail.santander.co.uk Your connection is not secure >

> Your connection to this site is not private, information you submit could be viewed by others.... >>>

I've tried deleting the cert8.db to refresh the certificate cache, still not working

Cheers

S

Hi Phillip Thanks for responding: The error page is different for Santander, but the info from the address bar icon is the same: Page <<< Your connection is not secure The owner of retail.santander.co.uk has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. Learn more… Report errors like this to help Mozilla identify and block malicious sites retail.santander.co.uk uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. Advanced info: SSL_ERROR_NO_CYPHER_OVERLAP (Not secure) Try loading retail.santander.co.uk using outdated security >>> Icon <<< retail.santander.co.uk Your connection is not secure > > Your connection to this site is not private, information you submit could be viewed by others.... >>> I've tried deleting the cert8.db to refresh the certificate cache, still not working Cheers S
cor-el
  • Top 10 Contributor
  • Moderator
16610 solutions 150010 answers

If you can't inspect the certificate via Advanced (I Understand the Risks) then try this:

Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate:

  • chrome://pippki/content/exceptionDialog.xul

In the location field of this window type or paste the URL of the website with the https:// protocol prefix (https://retail.santander.co.uk/).

  • retrieve the certificate via the "Get certificate" button
  • click the "View..." button to inspect the certificate in the Certificate Viewer

You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate. If necessary then please attach a screenshot that shows the Certificate Viewer with the issuer.

If you can't inspect the certificate via Advanced (I Understand the Risks) then try this: Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate: *<b>chrome://pippki/content/exceptionDialog.xul</b> In the location field of this window type or paste the URL of the website with the https:// protocol prefix (https://retail.santander.co.uk/). *retrieve the certificate via the "Get certificate" button *click the "View..." button to inspect the certificate in the Certificate Viewer You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate. If necessary then please attach a screenshot that shows the Certificate Viewer with the issuer.

Chosen Solution

Hi Cor-el

Thanks for helping.

I've mostly fixed this, a long time ago I had changed security.tls.version.max to 1, this was a long time ago and when I logged in to Firefox it obviously had kept this setting.

This fixed the daybreakgames site. But there's still an issue with Santander, but now the link to accept the lower security works.

If I click on the (i) icon in the address bar it says that santander uses 'weak encryption'. So I guess this means Santander is at fault? I'm very surprised.

I will mark this as completed, thanks everyone for your time.

Hi Cor-el Thanks for helping. I've mostly fixed this, a long time ago I had changed security.tls.version.max to 1, this was a long time ago and when I logged in to Firefox it obviously had kept this setting. This fixed the daybreakgames site. But there's still an issue with Santander, but now the link to accept the lower security works. If I click on the (i) icon in the address bar it says that santander uses 'weak encryption'. So I guess this means Santander is at fault? I'm very surprised. I will mark this as completed, thanks everyone for your time.
cor-el
  • Top 10 Contributor
  • Moderator
16610 solutions 150010 answers

There is no problem with the retail.santander.co.uk server.

Did you check the issuer?

  • Entrust Certification Authority - L1M
There is no problem with the retail.santander<i></i>.co<i></i>.uk server. *https://www.ssllabs.com/ssltest/analyze.html?d=retail.santander.co.uk&latest Did you check the issuer? *Entrust Certification Authority - L1M

Question owner

Hi Cor-el, not sure what you mean by check the issuer.

I reset all firefox settings to default (excluding some normal config items) and now Santander seems fine.

I must have set that TSL setting a looong ago, can't remember why, and because I use Firefox sync it's followed me around forever.

Storing settings online muddies the water sometimes, never quite sure if you have a 'fresh' installation.

Thanks again for your help

Hi Cor-el, not sure what you mean by check the issuer. I reset all firefox settings to default (excluding some normal config items) and now Santander seems fine. I must have set that TSL setting a looong ago, can't remember why, and because I use Firefox sync it's followed me around forever. Storing settings online muddies the water sometimes, never quite sure if you have a 'fresh' installation. Thanks again for your help
philipp
  • Top 25 Contributor
  • Moderator
5127 solutions 22715 answers

please try this & see if it makes a difference on santander: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for all custom preferences (=shown in bold) starting with security. & reset them to their default value by right-clicking them.

please try this & see if it makes a difference on santander: enter '''about:config''' into the firefox address bar (confirm the info message in case it shows up) & search for all custom preferences (=shown in bold) starting with '''security.''' & reset them to their default value by right-clicking them.