Connection is insecure for facebook and google with mcaffee software
I have spent an hour researching but couldn't find any help specifically for mcaffee. Facebook and google show as "Your connection is not secure".
"The owner of www.facebook.com has configured their website improperly ... ". I do find that hard to believe personally ... google as well.
Like many, I don't have the option to add an exception. I feel this is related to mcaffee but can't find anywhere to change the settings.
Any advice?
Thanks a lot!
Chosen solution
Aha, your company uses the Zscaler proxy. So the fake certificate for Facebook presumably is one you can trust.
There are two options for setting up Firefox to work with a proxy server:
(1) The traditional approach is to import the proxy's signing certificate into Firefox's certificate store as a trusted authority. The steps for that are in this thread: sec_error_bad_signature only via proxy for https website.
It's a bit of pain, but the advantage of that approach is that you are making the minimal compromise of security.
(2) A newer option is to have Firefox trust everything that Internet Explorer trusts by having it check for authority certificates in the Windows certificate store. This is easier, but the downside is that any successful attack on the Windows certificate store (bogus authority certificates inserted there by malware) will affect Firefox, too.
(A) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(B) In the search box above the list, type or paste root and pause while the list is filtered
(C) Double-click the security.enterprise_roots.enabled preference to switch the value from false to true
I'm not sure whether that will start working immediately or after the next time to exit Firefox and start it up again.
Read this answer in context 👍 1All Replies (8)
This is a facebook issue and not a Firefox issue. You could notify Facebook Support and can ignore the warning if you know you are going to facebook as per mouse over and address displays left bottom of browser and does not say redirect or a wack of % signs. If does is possible you have malware. Please let us know if that solved your issue or need further help.
What McAfee product are you using?
Does the error page displayed by Firefox have an Advanced button? If so, could you copy/paste the more detailed error information from that section. One of the most common codes you see there is covered by the following article, although I don't think McAfee has traditionally been one of the culprits:
Pkshadow said
This is a facebook issue and not a Firefox issue. You could notify Facebook Support and can ignore the warning if you know you are going to facebook as per mouse over and address displays left bottom of browser and does not say redirect or a wack of % signs. If does is possible you have malware. Please let us know if that solved your issue or need further help.
Thanks for the response! I must admit, I didn't get the final half of the paragraph, but regarding it being a facebook issue. I understand that Mozilla is blocking something facebook have done / failed to do. But it's the same for sites as prestigious as google. For me, if Mozilla is saying google's connection is insecure, Mozilla need to address their "blocking rules". I shouldn't have to find a workaround for google in my opinion. Then again, it could be mcafee. Thanks again.
jscher2000 said
What McAfee product are you using? Does the error page displayed by Firefox have an Advanced button? If so, could you copy/paste the more detailed error information from that section. One of the most common codes you see there is covered by the following article, although I don't think McAfee has traditionally been one of the culprits: How to troubleshoot security error codes on secure websites
Thanks! That is exactly the article I referred to and used, but as you said, couldn't find anything for McAfee. So I came here :) So that error message is the one I get.
Having spoken with our IT engineer in work, he states it's "8.8 sp8" ish :)
If this helps more, looking at the about section of My McAfee, it seems to be split into 3 separate "systems":
McAfee Agent version number: 5.0.3.272
McAfee Site Site Advisor Enterprise version number: 3.5.0.1228
McAfee Virus scan + antispyware: 8.8.0 (8.8.0.1528)
Thanks in advance for the help!
Hmm, with business software, I think your IT would tell you if this was a normal issue with McAfee. Or maybe you're the only person using Firefox?
You can try loading this internal page directly in a tab (copy/paste the address into the address bar and press Enter) to view the problem certificates:
chrome://pippki/content/exceptionDialog.xul
If you enter www.facebook.com into the blank and press the Get Certificate button, then the View button, what do you see for the Issued by and Certificate Hierarchy? I am attaching a screenshot for comparison.
Thanks. I've provided 2 snapshots via the "Add images". Hope you can see them alright.
Chosen Solution
Aha, your company uses the Zscaler proxy. So the fake certificate for Facebook presumably is one you can trust.
There are two options for setting up Firefox to work with a proxy server:
(1) The traditional approach is to import the proxy's signing certificate into Firefox's certificate store as a trusted authority. The steps for that are in this thread: sec_error_bad_signature only via proxy for https website.
It's a bit of pain, but the advantage of that approach is that you are making the minimal compromise of security.
(2) A newer option is to have Firefox trust everything that Internet Explorer trusts by having it check for authority certificates in the Windows certificate store. This is easier, but the downside is that any successful attack on the Windows certificate store (bogus authority certificates inserted there by malware) will affect Firefox, too.
(A) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(B) In the search box above the list, type or paste root and pause while the list is filtered
(C) Double-click the security.enterprise_roots.enabled preference to switch the value from false to true
I'm not sure whether that will start working immediately or after the next time to exit Firefox and start it up again.
Outstanding! I used the 2nd option ... it being a work system, if anything crashes I can get it replaced ;) Took my 30 seconds and worked straight away!
Thank you so much!!