X
Tap here to go to the mobile version of the site.

Support Forum

How to turn off the "untrusted connection" thing?

Posted

I found this thread that summarizes my problem nicely, but because the original question owner was rather angry it seems to have been lock, most unhelpful: https://support.mozilla.org/en-US/questions/951920

I too need to completely disable the nanny behavior of validating all certificates. I sit behind a corporate firewall and all my certificates are replaced by the proxy server. No connection leaving here is safe from the network admins up stream and no amount of confirming exceptions nor adding certificates will make it so.

I just need to disable this useless blockage so I can surf sites. I can't even google effectively since the default google searches use https:

Thank you.

I found this thread that summarizes my problem nicely, but because the original question owner was rather angry it seems to have been lock, most unhelpful: https://support.mozilla.org/en-US/questions/951920 I too need to completely disable the nanny behavior of validating all certificates. I sit behind a corporate firewall and all my certificates are replaced by the proxy server. No connection leaving here is safe from the network admins up stream and no amount of confirming exceptions nor adding certificates will make it so. I just need to disable this useless blockage so I can surf sites. I can't even google effectively since the default google searches use https: Thank you.

Additional System Details

Installed Plug-ins

  • Shockwave Flash 11.7 r700
  • Adobe PDF Plug-In For Firefox and Netscape 10.1.7
  • Adobe Shockwave for Director Netscape plug-in, version 12.0.2.122
  • Next Generation Java Plug-in 1.6.0_43 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • 5.1.20125.0
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Office Authorization plug-in for NPAPI browsers

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20130729 Firefox/24.0

More Information

kobe 441 solutions 5048 answers

refer to

and delete the cert8.db file in your profile folder Firefox > Tools > Show Folder > delete cert8.db with firefox closed.

refer to * [["This Connection is Untrusted" error message appears - What to do]] and delete the cert8.db file in your profile folder Firefox > Tools > Show Folder > delete cert8.db with firefox closed.

Helpful Reply

Let me restate:

FIrefox (Aurora) is working exactly as it was intended. My clock is right, my cert8.db is not corrupt.

The problem is the intended behavior DOES NOT WORK in situations like mine. I _know_ the certificates are unsecure. I _have_ to live with that. I DO NOT NEED FIrefox popping that obnoxious page ever time I load a new page.

I NEED to be able to browse with unverified certificates. I understand the risks and accept them on that machine.

Thanks,

Ron

Let me restate: FIrefox (Aurora) is working exactly as it was intended. My clock is right, my cert8.db is not corrupt. The problem is the intended behavior DOES NOT WORK in situations like mine. I _know_ the certificates are unsecure. I _have_ to live with that. I DO NOT NEED FIrefox popping that obnoxious page ever time I load a new page. I NEED to be able to browse with unverified certificates. I understand the risks and accept them on that machine. Thanks, Ron
kobe 441 solutions 5048 answers

Add a security exception

This page will not be removed from firefox with a pref you can though write a bug or make/find a addon that changes this behavior.

Add a security exception * https://support.mozilla.org/en-US/kb/connection-untrusted-error-message#w_bypassing-the-warning This page will not be removed from firefox with a pref you can though write a bug or make/find a addon that changes this behavior.
cor-el
  • Top 10 Contributor
  • Moderator
17482 solutions 158011 answers

Does the proxy send its own certificate?

Did you investigate if it is possible to install a root certificate from that proxy?

Does the proxy send its own certificate? Did you investigate if it is possible to install a root certificate from that proxy?
jscher2000
  • Top 10 Contributor
8704 solutions 71132 answers

Can you test whether this extension works well enough for your needs: Skip Cert Error? I haven't tried it myself.

Can you test whether this extension works well enough for your needs: [https://addons.mozilla.org/firefox/addon/skip-cert-error/ Skip Cert Error]? I haven't tried it myself.

Question owner

Waka_Flocka_Flame:

I find that attitude entirely unreasonable. This behavior in Firefox is BROKEN BY DESIGN in situations like mine. As cor-el stated, The proxy sends its own certificate and the company tech support refuses to provide any support for Firefox. Firefox is simply choking on the same certificate over and over again. The company proxy also provides this 'certificate verification service.' I don't need Firefox to force this on me.

Thanks, Jentron

Waka_Flocka_Flame: I find that attitude entirely unreasonable. This behavior in Firefox is BROKEN BY DESIGN in situations like mine. As cor-el stated, The proxy sends its own certificate and the company tech support refuses to provide any support for Firefox. Firefox is simply choking on the same certificate over and over again. The company proxy also provides this 'certificate verification service.' I don't need Firefox to force this on me. Thanks, Jentron

Question owner

jscher2000,

Thanks, I'll try that when I get to work tomorrow. Of course, I'll have to download it with I.E. since Firefox will refuse to work with the mozilla site since everything is https and I can't disable the certificate check.

Jentron

jscher2000, Thanks, I'll try that when I get to work tomorrow. Of course, I'll have to download it with I.E. since Firefox will refuse to work with the mozilla site since everything is https and I can't disable the certificate check. Jentron
stevemj 0 solutions 1 answers

Helpful Reply

v22 with same problem. I've been reading the locked thread (silenced the opposition) and this thread thinking Mozilla would finally listen to users and fixed the problem (yes its a bug) but I was wrong. Firefox used to be my de facto browser, no question but it went downhill. Here's some advice Mozilla, hire some programmers and listen to users.

Starting Chrome..... (or hell, any other browser, even IE)

v22 with same problem. I've been reading the locked thread (silenced the opposition) and this thread thinking Mozilla would finally listen to users and fixed the problem (yes its a bug) but I was wrong. Firefox used to be my de facto browser, no question but it went downhill. Here's some advice Mozilla, hire some programmers and listen to users. Starting Chrome..... (or hell, any other browser, even IE)

Modified by stevemj

jscher2000
  • Top 10 Contributor
8704 solutions 71132 answers

Hi stevemj, it's not normal for Firefox to refuse to visit secure sites. Problems should be fixed, but the trick is understanding what is causing the error page to appear.

Firefox has many different technical explanations for SSL certificate problems. I can't read every thread here, but in the ones I've seen, these are the most common issues:

(1) Proxy (a proxy server is intercepting the connection, decrypting it to filter it, and re-encrypting it). Examples: a feature of the Bitdefender and ESET security suites, and probably others.

(2) Incorrect system clock.

(3) Corrupted certificate store. See this article for how to delete the file: https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message#w_the-certificate-is-not-trusted-because-the-issuer-certificate-is-unknown

Where these are not applicable or do not help, it is useful to get the information from the "Technical Details" section of the Untrusted connection page. This may help in finding a solution in the troubleshooting article: Secure connection failed and Firefox did not connect.

Hi stevemj, it's not normal for Firefox to refuse to visit secure sites. Problems should be fixed, but the trick is understanding what is causing the error page to appear. Firefox has many different technical explanations for SSL certificate problems. I can't read every thread here, but in the ones I've seen, these are the most common issues: (1) Proxy (a proxy server is intercepting the connection, decrypting it to filter it, and re-encrypting it). Examples: a feature of the Bitdefender and ESET security suites, and probably others. (2) Incorrect system clock. (3) Corrupted certificate store. See this article for how to delete the file: https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message#w_the-certificate-is-not-trusted-because-the-issuer-certificate-is-unknown Where these are not applicable or do not help, it is useful to get the information from the "Technical Details" section of the Untrusted connection page. This may help in finding a solution in the troubleshooting article: [[Troubleshoot the "Secure Connection Failed" error message]].

Question owner

So, I've been running the 'Skip Cert Error' plugin for a while with marginal results.. Unfortunately, all the content won't load, for example, the CSS styles from wikipedia and ixquick don't work when secure.

I'm still stuck in the same place: The corporate proxy server feeds its own cert for every page, but corporate won't provide the key to authenticate so firefox won't work. FIrefox is "smarter" than me and won't let me just trust everything from the proxy server even though its scanned and keys are checked there.

So, I've been running the 'Skip Cert Error' plugin for a while with marginal results.. Unfortunately, all the content won't load, for example, the CSS styles from wikipedia and ixquick don't work when secure. I'm still stuck in the same place: The corporate proxy server feeds its own cert for every page, but corporate won't provide the key to authenticate so firefox won't work. FIrefox is "smarter" than me and won't let me just trust everything from the proxy server even though its scanned and keys are checked there.

Question owner

jscher2000,

I'm specifically trying to address "(1) Proxy (a proxy server is intercepting the connection, decrypting it to filter it, and re-encrypting it). Examples: a feature of the Bitdefender and ESET security suites, and probably others"

Since I don't control the corporate LAN technology and can't bypass the proxy server, I need to tell Firefox not to check the certificate. It is not meaningful in any way. If the man-in-the-middle attack is between me and the proxy server I'm screwed anyway since they're already inside the firewall on the private network.

Jentron

jscher2000, I'm specifically trying to address "(1) Proxy (a proxy server is intercepting the connection, decrypting it to filter it, and re-encrypting it). Examples: a feature of the Bitdefender and ESET security suites, and probably others" Since I don't control the corporate LAN technology and can't bypass the proxy server, I need to tell Firefox not to check the certificate. It is not meaningful in any way. If the man-in-the-middle attack is between me and the proxy server I'm screwed anyway since they're already inside the firewall on the private network. Jentron
jscher2000
  • Top 10 Contributor
8704 solutions 71132 answers

Hi Jentron, I didn't think you needed a key, but maybe you do. Did you see this thread about importing a certificate exported from IE or Chrome: Disabling untrusted connection warning, or adding issuer without certificate? I think that's what cor-el's post was driving at.

Hi Jentron, I didn't think you needed a key, but maybe you do. Did you see this thread about importing a certificate exported from IE or Chrome: [https://support.mozilla.org/en-US/questions/957485 Disabling untrusted connection warning, or adding issuer without certificate?] I think that's what cor-el's post was driving at.
johnwerneken 0 solutions 24 answers

DISABLE BROWSER SECURITY should be the default, not something I must war with every other day. I HATE security, military and most police excepted. No matter what happens, I can deal with it AT LEAST as well as anyone else I've ever heard of.

DISABLE BROWSER SECURITY should be the default, not something I must war with every other day. I HATE security, military and most police excepted. No matter what happens, I can deal with it AT LEAST as well as anyone else I've ever heard of.
johnwerneken 0 solutions 24 answers

The feature does not provide any action option at all in my situation. I do not want exceptions to let things happen; I might CONSIDER exceptions to prevent things I do not care for, but really I'd rather deal with malware entirely on my own. Go get a job with Obamacare why don't you, that's the same idea. Communist.

The feature does not provide any action option at all in my situation. I do not want exceptions to let things happen; I might CONSIDER exceptions to prevent things I do not care for, but really I'd rather deal with malware entirely on my own. Go get a job with Obamacare why don't you, that's the same idea. Communist.