from past week or so I am getting this "Did Not Connect: Potential Security Issue" on well known sites
Some of well known sites such as "drive.google.com" & "mail.yahoo.com" is resulting in "Did Not Connect: Potential Security Issue page" in Firefox. They are opening just fine in other browsers.
This issue has cropped up since past week in Firefox. Not sure what is the root cause behind the problem. I have tried re-installing Firefox, but still no change.
I have checked the certificates of those sites, and they are seems to be in order. I mean other browsers are able to open without issue, then why Firefox is not opening them for me?
Please let me know if this issue can be fixed in Firefox.
Chosen solution
- MOZILLA_PKIX_ERROR_MITM_DETECTED
- uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
- configured their website improperly
How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites
https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
Read this answer in context 👍 1All Replies (9)
Secure connection cannot be established
When a website that requires a secure (https) connection tries to secure communication with your computer, Firefox cross-checks this attempt to make sure that the website certificate and the connection method are actually secure. If Firefox cannot establish a secure connection, it will display an error page.
Press the 'Advanced' button and copy the message here.
@FredMcD - Thanks for checking this out.
Upon clicking 'Advanced' button I get below text -
" Someone could be trying to impersonate the site and you should not continue.
Websites prove their identity via certificates. Firefox does not trust mail.yahoo.com because its certificate issuer is unknown, the certificate is self-signed, or the server is not sending the correct intermediate certificates.
Error code: SEC_ERROR_UNKNOWN_ISSUER "
Attached the screenshot with the message
I tried to check more on the certificates that are currently visible in my Firefox and it seems the certificate authority which mail.yahoo.com is using is not present there. [Image of the certificate is attached]
So, I tried to follow the solution steps given in this Support Thread . The import process is going well. But imported certificate is not coming up in the list of Authorities.
Wonder why is that.
Chosen Solution
- MOZILLA_PKIX_ERROR_MITM_DETECTED
- uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
- configured their website improperly
How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites
https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
Thanks FredMcD!
The pointer you provided led me to the suspect. I am using a corporate laptop and recently there were some patch upgrades which included antivirus patching on Symantec Endpoint Protection installed on this machine.
So I guess that must have deleted the certificates and probably now trying to inject its own certificates for monitoring / filtering purposes. And Firefox is simply not accepting that. Good for Firefox, that in a way its trying to protect the users.
Unfortunately, I can neither un-install that patch nor the antivirus as that's guarded by policies enforced in the machine. That's sad. It makes this laptop highly dangerous to use.
In the hindsight it also highlights how pervasive surveillance and monitoring hampers freedom.
Check with your IT.
To Fred McD: I am getting something similar. I am using just a basic home pc, not connected to a job server. I have always been able to click on a link provided in an email and be brought directly to that site in a new window. Now, all I get is: "Your connection is not secure
The owner of metalunlimited.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.
Learn more…
Report errors like this to help Mozilla identify and block malicious sites"
How can I fix this? Something has changed, become disconnected or overridden behind the scenes. I am totally tech-impaired, so I cannot figure this out on my own. Any suggestions? - you seem to be up on this stuff.
I am able to reach the site (People.com) if I delete and reload Firefox. The second time I try I get the following message:
Did Not Connect: Potential Security Issue
Firefox detected a potential security threat and did not continue to l.mail.people.com because this website requires a secure connection.
What can you do about it?
l.mail.people.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site.
The issue is most likely with the website, and there is nothing you can do to resolve it. You can notify the website’s administrator about the problem.
Learn more…