when i try to open my NAS 'webpage' firefox has allsorts of 'unsafe' messages and I dont know how to fix this
I know nothing about 'incorrectly configured websites' this is just my NAS browser access (router is like it too). I dont want to fiddle with the advanced stuff (that i dont understand anyway) but how do I fix it so I can reach my nas and router without compromising the security it is so scaring me with? I use win10 and am on the last version of firefox not 57 because some things dont work with the new version.
Chosen solution
shd said
192.168.1.8 uses an invalid security certificate. The certificate is not trusted because it is self-signed.
A self-signed certificate can't be verified, because there's no way to track it back to a trusted certificate issuing authority. If this is the only address that has this issue, then I think it's reasonable to assume Firefox's diagnosis accurately reflects the problem and the issue is not related to security software or malware interposing itself as your NAS. You probably have no choice but to add an exception for it (which is essentially what you are doing in other browsers when you bypass the error).
Read this answer in context 👍 0All Replies (5)
Do you use an HTTP or an HTTPS address for the device?
HTTP Issues
Firefox will present warnings about login forms on pages with HTTP addresses because your user name and password are sent in clear text. That exposes them to capture by anyone sniffing on the wire.
HTTPS Issues
Some older NAS devices were not updated with newer protocols and ciphers after their release or their "end of life" date, so as Firefox gradually discontinues support for protocols (like SSL 3.0) and ciphers (like RC4) that have known vulnerabilities, it loses the ability to connect to those devices using HTTPS. Please check with your manufacturer to see whether any updates are available. Otherwise, you may need to use Internet Explorer 11 or another older browser to manage the device.
Thankyou for the explanation - instead of the dire warning and gobbledegook from firefox! you are right it is http and 'end of life' though as I am no spring chicken and use car, washing machine etc etc older than 5 years, I do not regard it as old! Chrome gives the same warning but has a simple 'carry on anyway' option - as I have a good router, antivirus and firewall is it ok to do this? (this is a home network) I don't understand the firefox advanced options.
If it is an HTTP address, not HTTPS, then you should not get a warning page, just a little warning on the login form. If you press the Esc key, that warning should be removed long enough to enter your username and password.
If you get a full page error, could you copy/paste the detailed error information that appears after you click the Advanced button?
Hi, my mistake, now I look closely it says https and the advanced bit says -
192.168.1.8 uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is not valid for the name 192.168.1.8. Error code: SEC_ERROR_UNKNOWN_ISSUER
so I looked up this error code and once again there is nothing about ordinary home users with a NAS and close to zero knowledge! it goes on about antivirus programs and corporate networks and family settings, absolutely no mention of NAS (doesnt everyone have one these days?)
the advanced bit has lots of warnings and implies I and my system are in the wrong, is it ok to make the exception? and if yes why does mozilla not say so!
Chosen Solution
shd said
192.168.1.8 uses an invalid security certificate. The certificate is not trusted because it is self-signed.
A self-signed certificate can't be verified, because there's no way to track it back to a trusted certificate issuing authority. If this is the only address that has this issue, then I think it's reasonable to assume Firefox's diagnosis accurately reflects the problem and the issue is not related to security software or malware interposing itself as your NAS. You probably have no choice but to add an exception for it (which is essentially what you are doing in other browsers when you bypass the error).