Hello,

If you get this problem it indicates that something on your system or network is intercepting your connection and injecting certificates in a way that is not trusted by Firefox. The most common causes are security software scanning encrypted connections, or malware listening in and replacing legitimate website certificates with their own.

Please confirm with me in an answer to this message if you are using an antivirus on your computer like Avast, Bitdefender, ESET, Kaspersky, etc..

Since third-party antivirus software can interfere with Firefox's secure connections we recommend uninstalling your third-party software and using the security software offered for Windows by Microsoft: Windows Defender.

I hope this helps,

Thank you for sharing the screenshot. Cisco Umbrella is the successor to OpenDNS protection for business networks. If Firefox were already set to trust the Cisco Umbrella certificate, you might get a warning page about a company policy issue (maybe VPNs are not allowed?). Maybe you can test in a different browser.

But if you expect to run into this on other sites, you probably want more options for setting up Firefox to trust Cisco Umbrella's fake site certificates. I'm copy/pasting something I posted last Summer which I hope is still accurate:

Option #1: Ask your IT to help you out:

https://docs.umbrella.com/deployment-umbrella/docs/install-cisco-umbrella-root-certificate#firefox

Option #2: [Hard way] Import the Cisco Umbrella Root Certificate into Firefox

Cisco's instructions require you to login as an admin of Umbrella to get the certificate. However, you can Export it from the Windows certificate store if necessary.

Option #3: [Easy way] Set Firefox to use the Windows system certificate store instead of its own

See: https://support.mozilla.org/questions/1282621#answer-1299719

My Windows environment does not have the Cisco Umbrella Root Certificate. I am not a Cisco Umbrella customer so I can't download it. I did obtain a Cisco Umbrella Root Certificate from OpenDNS with the matching SHA-1 signature. This allowed me to go further into the process but still does not allow me to pass authentication for Mozilla VPN.

Is this problem on a managed network? I suggest working with your IT on this problem. I don't want to encourage you to violate company policies with your software installations.

This is my private home network. I use Google Fiber as a service provider. I just discovered that I am unable to access any of the following VPN sites (ExpressVPN, SurfShark, NordVPN, ProtonVPN and IPVanish) while using my home network. When I switch to my cellular network using the hot-spot function on my phone, I can access all of the sites inluding the signup for page for Mozilla VPN.

I am not sure what is going on but I think I need to ask Google Fiber if they can explain it.

I by-passed by Wifi router (a Linksys) and was able to access all of the sites. It appears that my router is enforcing some policy on my traffic. I will have research that with the Linksys support. This is definitely not a Firefox or Mozilla problem. Thanks for your help in looking into this.