Can't bypass security warning on previously accesable site
I have been accessing a Facebook app right along without any issues, and now suddenly Firefox is saying that the certificate is invalid and will not let me connect. The problem is that I am not being given the option to bypass the warning, all I get is the Get me out of here option. I have tried clering all histories, caches, etc. I have even gone so far as to uninstall Firefox, remove all personal settings, and reinstall it, and it still hasn't solved the problem. I have tried all the suggestions posted here, and they have not helped/
Additional System Details
- Facebook Desktop Plugin
- Next Generation Java Plug-in 10.7.2 for Mozilla browsers
- NPRuntime Script Plug-in Library for Java(TM) Deploy
- Shockwave Flash 11.4 r402
- AmazonMP3DownloaderPlugin 1.0.15
- Virtual Earth 3D 4.00100226006 plugin for Mozilla
- User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Some sites like Facebook have a setting to force a secure connection and that may not always work.
You can look at this link on how to disable forcing a secure connection in Facebook.
Does this problem occur when you follow a link or a bookmark, or only when you enter the URL into the address bar? In the address bar scenario, the autofill feature may direct you to a secure page where the site is not prepared for a secure connection. Try deleting the "s" from the https and see whether you can navigate into the site. If the site wants you to make a secure connection, it should use https where appropriate.
I have always used the secure browsing option when on Facebook, and up until now, have never had a problem. I did, however, try turning it off before I even posted my problem here. It had no effect. Also, as I mentioned here, Firefox is not even giving me the the option to ignore the warning and continue. All I get is the Get me out of here option.
This is standard Facebook music app, and one which I have been using without any problem for ages. The link is on every song posted on my timeline and in the app list on my homepage. No matter how I try to access it, Firefox refuses to allow the connection. even though it has always allowed it in the past.
Some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate.
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
- Click the link at the bottom of the error page: "I Understand the Risks"
Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".
- Click the "View..." button and inspect the certificate and check who is the issuer.
You can see more Details like intermediate certificates that are used in the Details pane.
As I have said, there is no I understand the risks link at the bottom of the page as there normally is. All i get is the "Get me out of here"option. Furthermore, as I have also said; I have been using Facebook and Profile Song right along with no issue. This literally happened overnight, without making any changes, additions, deletions, from Firefox or Facebook. It quite literally was working perfectly when I went to bed, not working when I got up and has not worked since. Firefox does not see any certificates to add to the exception list. Again, i tried all of these things before posting here. This was my option of last resort.
Is there a general link to try the music app? A volunteer could take a look and see whether she or he could replicate the problem.
Hi - this is not a Facebook-related problem; the same thing is happening to me with the Austrian composers' rights association website (similar to ASCAP). I receive these warnings on a regular basis since many certificates in this region appear to be unknown to Firefox - but this is the first time that there's no "bypass" option. I recommend trying another browser.
Modified by pyaeger
Hi pyaeger, generally speaking, untrusted certificates should be rare. Firefox trusts certain root certificates and web servers are supposed to send a chain of certificates up to one of the trusted roots. If there is a certificate issuer in Europe that is not recognized by Firefox, can you indicate which one it is? Or could you provide a link to a couple of pages that generate(d) the errors?
I grant that they are rare but again: the issue is not so much the unrecognized certificate itself but (as mentioned in ghsmith's intial post) the lack of a bypass option ("I understand the risks").
This is (I've just discovered) a known bug - but four months later it's still here.
Here's a link to one of the sites: http://www.akm-aume.at/index_programmmeldung.htm
Interestingly, the only other site I found mentioned by name is also in Austria. No idea if that signifies or not.
hi pyaeger - the bug you've referred to won't be fixed. it is intended behaviour that you can't bypass certificate warnings in frames, since it could be used for spoofing.
the issue in the case of the site you've named is that the root certificate of the a-cert authority which issued the certificate for the site doesn't get shipped with firefox (though it is recognized by the austrian authorities as legit body to issue certificates). please try manually installing the globaltrust root certificate (#3) provided at http://www.a-cert.at/php/cms_monitor.php?q=PUB-TEXT-A-CERT&s=08305wjt (just click on the.crt link)
Modified by philipp
I solved the problem, I simply dumped Firefox and went with a different browser, problem solved!
Hi ghsmith, do you encounter this problem frequently enough to change browsers? That could be a sign that your secure connections are routed through security software on your PC or a proxy (either one you subscribed to, an employer's server, or an attacker). You should investigate that even if other browsers are more trusting.
If you don't want to change browsers, you can work around the frame limitation in two ways. For example, with pyaeger's URL:
- Edit the address bar of the top level page from http to https to load the top level page securely. Then you have the full set of options.
- Right-click the framed page, This Frame > Show Only This Frame to open the framed page as a top level page. Then you have the full set of options.
After adding an exception -- assuming that the certificate satisfies your requirements for trusting it! -- you can click Back to return to the original URL. You probably will need to reload the page.
Thanks, madperson, for the both informative & effective answer.
jscher2000: replying to you since you seem very knowledgeable. i want to reiterate the OP's point - he doesn't want an answer to why he's getting the Untrusted Connection page from Firefox, or even a solution to avoid getting this page.
He wants to fix the issue of not being able to bypass it because no "I understand the risks" button appears as indicated by Mozilla articles on the subject. I also tried your workarounds, but they do not work (it's already a secure page and right-clicking gives no such option) perhaps because I'm using Firefox 17.
If you know what's going on with the lack of bypass options, please reply.
Hi benderino, the only scenario where I've seen no button by design -- I'm not ruling out a bug in other scenarios -- is a secure page framed in a non-secure page. Can you give an example URL where you have this issue?
I have this same issue. In my case the site is typically accessed by a public interface and so the certificate matches the public DNS. However I am accessing it via a persistent VPN tunnel and so the machine name does not match the cert. This is fine and expected behavior. In this case I completely understand the risks and they are zero. This is a corporate server that I manage. So why the $%(*&% can't I get the link to bypass the warning. Isn't there some way to access the ability to add an exception regardless of the missing "I understand the risks" link? This is for joining corporate link meetings so unless there is a reasonable work around I too will need to dump firefox, although this is not my preference.
OK Potential work around 1) open new tab and enter "about:certerror" in the address bar. this will give you the normal error page with the "I understand the risks" link 2) click the "I understand the risks link" 3) In the exception dialogue box that comes up enter the URL to the page you want to get to. 4) click the add exception button.
This works for some but in my case after retrieving the cert FF says there is no problem, What? It won't let me create the exception because there is no problem, give me a break. I guess I'll just have to use another browser at least until FF fixes the problem.
I really need to find a way to get this program fixed. I can't access any of the information for my college class including adobe connect. The classes recommend and some require mozilla firefox. I can't get around this problem. In my case it also says no problem. I need this fixed asap. It's imperative. I already missed a class due to the issue. Google chrome and the internet explorer don't work well with the programs I am using.I have been using this same site and same browser for over 2 weeks with no issue. I tried to log on for over 40 minutes and kept receiving the same message.
What does it say in the technical details of that security warning?