This thread was archived. Please ask a new question if you need help.
Firefox won't let me connect to my bank since I had a upgrade. It tell me it is a insecure connection. I have been using this website for years and now I can't!
Firefox updated earlier this week and I was able to connect to my bank website and now today it says it a insecure connection.I copied what it says on the error statement. The owner of www.cornerstoneconnect.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. I have been using this same website for years and now it decides it's not safe! I do not a a anti-virus installed so that can't be the problem. Please help I would hate to have to us a different browser!
All Replies (11)
A screenshot of the actual error would help here. That way anyone else that uses that same banking system can see if they have the same issue. Also you should contact the banking system to ask if they themselves have updated their own security checks because if those fail the Browser will also fail to connect if it doesn't meet the Browser security checks.
Separate Security Issue: Update your Flash Player or remove it using these links; http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html Uninstall Flash Player | Windows http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html Uninstall Flash Player | Mac
Note: Windows users should download the ActiveX for Internet Explorer. and the plugin for Plugin-based browsers (like Firefox).
Note: Windows 8 and Windows 10 have built-in flash players and Adobe will cause a conflict. Install the plugin only. Not the ActiveX.
Flash Player Version: Version 22.214.171.124
https://get.adobe.com/flashplayer/ Direct link scans current system and browser Note: Other software is offered in the download. <Windows Only>
https://get.adobe.com/flashplayer/otherversions/ Step 1: Select Operating System Step 2: Select A Version (Firefox, Win IE . . . .) Note: Other software is offered in the download. <Windows Only> +++++++++++++++++++ See if there are updates for your graphics drivers https://support.mozilla.org/en-US/kb/upgrade-graphics-drivers-use-hardware-acceleration
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.
- uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
- configured their website improperly
How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
The advice to contact the site owner and request changes seems to be a non-starter since the sites include multiple major banks, Google, national online stores, the largest credit card companies, etc.). What was changed to produce this sudden failure which renders the browser virtually useless? If it was made in a recent update, can the update be identified, and would it be possible to reload and revert to a previous version?
It may not be the website, but your security software causing the issue. I have no issue with the link you posted.
I see that Firefox performed an auto update to 63.0.1 two days ago. Is there anyway I could revert to a previous version?
Who is the issuer of the certificate?
You can check if there is more detail available about the issuer of the certificate.
- click the "Advanced" button show more detail
- click the blue error text (SEC_ERROR_UNKNOWN_ISSUER) to show the certificate chain
- click "Copy text to clipboard" and paste the base64 certificate chain text in a reply
If clicking the blue error text doesn't provide the certificate chain then try these steps to inspect the certificate.
- open the Servers tab in the Certificate Manager
- Options/Preferences -> Privacy & Security
Certificates: View Certificates -> Servers: "Add Exception"
- Options/Preferences -> Privacy & Security
- paste the URL of the website (https://xxx.xxx) in it's Location field
Let Firefox retrieve the certificate -> "Get Certificate"
- click the "View" button and inspect the certificate
You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.
As I said, there are dozens of sites involved (I suspect that the problem is occurring with any and all https//... sites). I have retrieved the certificate text for just one of them which I append here:
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false HTTP Public Key Pinning: false
MIIEjjCCA3agAwIBAgIJAKaUq5DWvLA8MA0GCSqGSIb3DQEBCwUAMGAxLTArBgNV BAMMJEJpdGRlZmVuZGVyIFBlcnNvbmFsIENBLk5ldC1EZWZlbmRlcjEMMAoGA1UE CwwDSURTMRQwEgYDVQQKDAtCaXRkZWZlbmRlcjELMAkGA1UEBhMCVVMwHhcNMTgx MDI0MDAwMDAwWhcNMjAwOTI5MTIwMDAwWjCB3DEdMBsGA1UEDwwUUHJpdmF0ZSBP cmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQ0ExHDAaBgsrBgEEAYI3PAIB AhMLTm92YSBTY290aWExEDAOBgNVBAUTBzEwMTAxOTcxCzAJBgNVBAYTAkNBMRAw DgYDVQQIEwdPbnRhcmlvMRAwDgYDVQQHEwdUb3JvbnRvMSIwIAYDVQQKExlUaGUg VG9yb250by1Eb21pbmlvbiBCYW5rMSEwHwYDVQQDExh3d3cuYXV0aG9yaXphdGlv bi50ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuKHR2iib7 Qkvhzd+nz3h8kQxvq8VtDA5IRANRIV87QoxP7H5+KMVIrkGIdxYGBhNsHzU8fB1r xjs3strKOB7QyEiIlZB5NxKFVWv5yF+DI2BmurzHzYX37Q2qgUxDbQ6WtwX+FBPb pVHig30pa2+IY5iUThS64ObRd48+TYRp/NOIG9l6f78u2NO3IFHucb2JMH0Lcrj/ xyoP9Sy8wUjRgeKXwpGOn5m0i02usvppACDdq3yFWZizwQSMB/bpkVtaLYNO0OjC RmTvd3QHNXrsVQXhpwgMm1MsajiZGbzMC+4Mr5MI/wwlhFYo5b09KAzJsVVgez+P yAeTx1i7vJ/5AgMBAAGjgc0wgcowNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovLzEy Ny4xMjcuMTI3LjEyNzozOTM5LzYyZWE3LmNydDCBjwYDVR0RBIGHMIGEghh3d3cu YXV0aG9yaXphdGlvbi50ZC5jb22CGHdiLmF1dGhlbnRpY2F0aW9uLnRkLmNvbYIP cG9zdGF1dGgudGQuY29tghRhdXRob3JpemF0aW9uLnRkLmNvbYIQYXV0aG1haW50 LnRkLmNvbYIVYXV0aGVudGljYXRpb24udGQuY29tMA0GCSqGSIb3DQEBCwUAA4IB AQAm+COAbZ5l4rY8P5NRvUFZwknJU+gtRKv2yHgfNJ2v55JDNr0UXqwAzGM6g8I2 d5W61F+XP2YK5hnZGTwz14bPkkhdFB2kGX+jBWPBbSN/YOh5HHHAAHSprYaMroh5 RirZjE1h949U2oSe/jORIl4+52zkvZOakQAY5R4haRxnR40kNvQAfpWPWfSG9yeP kv6q1H8/KodQRoMvL83kj4uujClgMaNub9m3R3HJGcx7iiYQvfjLyP4UlG+GCFsi xIDIZbzOLfUiSuGdbpo6ifS1+Yv+OiS/BmKvtUDjkrlpD0YpEiNeN4WKVUCFXkf/ zlitnnRwnHbdYeTxjTVwbmef
The certificate is issued by Bitdefender.
- Subject businessCategory=Private Organization, jurisdictionC=CA, jurisdictionST=Nova Scotia, serialNumber=1010197, C=CA, ST=Ontario, L=Toronto, O=The Toronto-Dominion Bank, CN=www.authorization.td.com
- Issuer CN=Bitdefender Personal CA.Net-Defender, OU=IDS, O=Bitdefender, C=US
- /questions/1238264 How can I eliminate the SEC_ERROR_UNKNOWN_ISSUER errors I get at multiple websites?
Thanks for the analysis and pointer. Pursuing the Bitdefender route - it looks as if I have probably got some variant of problems reported there. i'll report back when I have found out more.
Modified by ianj39
This posting is written with the aim of helping anyone who meets the same problem.
After investigating the problem with the Bitdefender Support Center it appears that in this case it arose within the "Encrypted Web Scan" function of the Online Threat Protection feature. This was confirmed by temporarily turning this feature off, at which point the problem disappeared. Changing this setting (in this case for Total Security 2018) was done from the Bitdefender menu as follows: 1. Select Protection from the listing on the left-hand side. 2. Under Protection Features locate the Online Threat Prevention box (middle column, bottom item). Select Settings. 3. Under Online Threat Prevention ensure that the Web Protection listing option is selected in the heading. 4 Use the button on the right-hand side to turn off the Encrypted Web Scan option (third item in listing).
After this test shows that the problem has been correctly identified installing the latest version of the product (in the current case Bitdefender Total Security 126.96.36.199) resolves the issue. (For help with the reinstall process consult Bitdefender Online Support. Note that the screens shown there may look a bit different on your system, but it illustrates the flow. )
Modified by ianj39