Why am I getting the error "This connection is untrusted" in Firefox on my new computer?
Many familiar sites are giving me an error relating to certificates. See message below:
"This Connection is Untrusted
You have asked Firefox to connect
securely to www.xxxxxxxxxxxx.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do? If you usually connect to
this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue."
The same sites are still working perfectly on an older computer without these issues. They also work in other browsers, but Firefox is my default.
Modified by Tony98
Additional System Details
- User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22
Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
Which security software (firewall, anti-virus) do you have?
Some security software intercept secure connections and send their own certificate.
Some examples are ESET and Bitdefender.
- ESET setup -> advanced setup -> extend web and email tree -> SSL
- SSL protocol: Do not scan SSL protocol
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
- Click the link at the bottom of the error page: "I Understand the Risks"
Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".
- Click the "View..." button and inspect the certificate and check who is the issuer.
You can see more Details like intermediate certificates that are used in the Details pane.
Thanks for your prompt reply.
Time and Date not the issue.
Using ESET anti-virus. Advanced settings already set to "Do not scan SSL protocol".
Did you check who issues those certificates?
Try to rename the cert8.db file in the Firefox profile folder to cert8.db.old or delete the cert8.db file to remove intermediate certificates that Firefox has stored.
If that helped to solve the problem then you can remove the renamed cert8.db.old file.
Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previous intermediate certificates.
Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.
If that didn't help then remove or rename secmod.db (secmod.db.old) as well.
You can use this button to go to the Firefox profile folder:
- Help > Troubleshooting Information > Profile Directory: Show Folder
Certificate is not trusted, because it hasn't been verified by a recognized authority using a secure signature.
What does it say on the Details tab (Certificate fields: Issuer) if you proceed to Add Exception and Get and View Certificate?
For Hotmail it says:
Certificate Hierarchy login.live.com
Certificate Fields Long list of fields and sub-fields
Field Value Values show when fields are clicked
Certificate issuer appears to be the supplier of ESET, but why is this only an issue on Firefox. This has been my preferred browser for a few years but yet I can easily ignore this problem by using Chrome or IE instead.
See also Certificates: Add the root certificate to known browsers
Thanks again. In following this option, my version of "View Certificate > Details > Copy to File...", seems to be "View > Details > Export .....".
The resulting file from this process is an MS-DOS Application file type, and attempting to open it gives another error.
"The version of this file is not compatible with the version of Windows you're running. Check your computer's system information to determine whether you need an x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher."
Am I looking in the right place? Is it the ESET publisher I'm to contact? Beginning to feel a bit lost here.
Yes, you will either have to install the ESET root certificate or disable this feature in ESET because ESET is intercepting the secure connection and is sending its own certificate as you've seen in the details.
You can ask advice at the ESET forum if you aren't able to fix this.
Any explanation why this only affects the Firefox browser and not IE or Chrome? Why is it working okay in Firefox on my other computer which is also using ESET antivirus?
As there have been no further responses to this thread, I've finally marked Google Chrome as my default browser on both computers.
a possible cause for this problem can be that your date + time is set incorrectly and firefox is failing to validate the certificates properly. i think the firefox programmers are unaware of this error at this time.
Thanks but the first answerer on 3/11/13 also suggested a time and date issue. This has already been eliminated as the cause.
You will have to contact ESET and ask them how to install the ESET root certificate in your Firefox version if you can't do this by the link that I posted above.
i know its a little late, make sure you do not have a program called Sendori installed (if its a pc) that program hijacks err re-directs certificates, dns and other stuff to their servers and this causes them to be untrusted. i kept getting that and decided to do the exception and read what it said, it did not say CA or geotrust, said sandori. i removed, rebooted and worked. ive heard other people exporting certificate from chrome and then importing it firefox as well to solve the issue.