Secure Website Certificate
I am running a 2008 Imac on OS 10.11.6, and using Firefox 77.0.1 (64 bit).
Much of my work is online with one website, which I log onto daily. Today, I was unable to login because I received a "Did Not Connect. Potential Security Issue." I restarted, made sure Firefox was up to date, etc. The problem repeated.
Then I tried the website in Chrome. I got the same thing. I tried it in Safari. I got the same thing.
I called the company and spoke with tech support. He was unable to recreate my problem on his PC or his Mac. He confirmed that there was no certificate issue at the company and that they were not getting any other similar complaints or problems.
I then tried it on a Mac running 10.15, and was able to access the website easily, with no error messages.
My question is: is the problem my computer, and not the browsers or connections? Is there anything I can do short of buying a new computer?
Thanks for the help. Greg
All Replies (1)
What does this error code mean?
During a secure connection, a website must provide a certificate issued by a trusted certificate authority to ensure that the user is connected to the intended target and the connection is encrypted. If you click the Advanced button on a "Warning: Potential Security Risk Ahead" error page and you see the error code SEC_ERROR_UNKNOWN_ISSUER or MOZILLA_PKIX_ERROR_MITM_DETECTED, it means that the provided certificate was issued by a certificate authority that is not known by Firefox and therefore cannot be trusted by default.
The error occurs on multiple secure sites
In case you get this problem on multiple unrelated HTTPS-sites, it indicates that something on your system or network is intercepting your connection and injecting certificates in a way that is not trusted by Firefox. The most common causes are security software scanning encrypted connections or malware listening in, replacing legitimate website certificates with their own. In particular, the error code MOZILLA_PKIX_ERROR_MITM_DETECTED indicates that Firefox is able to detect that the connection is intercepted. Antivirus products
Third-party antivirus software can interfere with Firefox's secure connections. You could try reinstalling it, which might trigger the software into placing its certificates into the Firefox trust store again.
Here are some alternative solutions you can try:
In Avast or AVG security products you can disable the interception of secure connections:
- Open the dashboard of your Avast or AVG application.
- Go to Menu and click on Settings > Protection > Core Shields.
- Scroll down to the Configure shield settings section and click on Web Shield.
- Uncheck the box next to Enable HTTPS Scanning and confirm this by clicking OK.
In older versions of the product you'll find the corresponding option when you go to Menu > Settings > Components and click Customize next to Web Shield
See the Avast support article Managing HTTPS scanning in Web Shield in Avast Antivirus for details. More Information about this feature is available on this Avast Blog.
In Bitdefender security products you can disable the interception of secure connections:
*Open the dashboard of your Bitdefender application. *Go to Protection and in the Online Threat Prevention section click on Settings. *Toggle off the Encrypted Web Scan setting.
In older versions of the product you can find the corresponding option labelled Scan SSL when you go to Modules > Web Protection
In Bitdefender Antivirus Free it's not possible to control this setting. You can try to repair or remove the program instead when you're having problems accessing secure websites.
Monitoring/filtering in corporate networks
Some traffic monitoring/filtering products used in corporate environments might intercept encrypted connections by replacing a website's certificate with their own, at the same time possibly triggering errors on secure HTTPS-sites.
If you suspect this might be the case, please contact your IT department to ensure the correct configuration of Firefox to enable it working properly in such an environment, as the necessary certificate might have to be placed in the Firefox trust store first. More information for IT departments on how to go about this can be found in the Mozilla Wiki page CA:AddRootToFirefox.
For corporate Bitdefender products, please refer to this Bitdefender Support Center page.
Some forms of malware intercepting encrypted web traffic can cause this error message - refer to the article Troubleshoot Firefox issues caused by malware on how to deal with malware problems.
Missing intermediate certificate
On a site with a missing intermediate certificate you will see the following error description after you click on Advanced on the error page:
- he certificate is not trusted because the issuer certificate is unknown.
- The server might not be sending the appropriate intermediate certificates.
- An additional root certificate may need to be imported.
</h4>Bypassing the warning</h4>
Warning: You should never add a certificate exception for a legitimate major website or sites where financial transactions take place – in this case an invalid certificate can be an indication that your connection is compromised by a third party.
If the website allows it, you can bypass the warning in order to visit the site, even thought its certificate is not being trusted by default:
*On the warning page, click Advanced. *Click Accept the Risk and Continue
I hope to resolve your problem then reply to me .