X
Tap here to go to the mobile version of the site.

Fóram Tacaíochta

Cuireadh an snáithe seo sa chartlann. Cuir ceist nua má tá cabhair uait.

Certificate Issue With Outlook

Postáilte

I have a Windows 7 laptop and Firefox was updated yesterday 30/03/18 to version 59.0.2 (32 Bit).

When I go onto Outlook.com the green padlock changes to amber and displays a message "Outlook.Live.com is not secure". This changed a few updates ago and has not been corrected with recent updates. Up to the change both Firefox and Outlook were working as expected.

Looking at the Firefox "More Information" tab (top left) and then the right arrow on "Support.mozilla.org" and "More Information" under the "General" tab, I get:

Address: https://outlook.live.com/owa/?path=/mail/inbox Referring URL: https://login.live.com

Under the "Security" tab

Verified by: not specified

Comparing this with another laptop running Windows Vista with Firefox version 52.7.3 - the only difference that I can see is that the "address" and "Referring URL" are slightly different and swopped about.

Address: https://outlook.live.com/owa Referring URL: https://login.live.com/ppsecure............................6......6....L.......................etc etc

Under the "Security" tab Verified by: DigiCert Inc

The DigiCert certificates are the same on both laptops.

Will changing the "address" and "Referring URL" field contents solve the problem as each machine seems to be referencing different URL's.

How do I change the contents of the "address" and "Referring URL"?

Or are I barking up the wrong tree?

I have a Windows 7 laptop and Firefox was updated yesterday 30/03/18 to version 59.0.2 (32 Bit). When I go onto Outlook.com the green padlock changes to amber and displays a message "Outlook.Live.com is not secure". This changed a few updates ago and has not been corrected with recent updates. Up to the change both Firefox and Outlook were working as expected. Looking at the Firefox "More Information" tab (top left) and then the right arrow on "Support.mozilla.org" and "More Information" under the "General" tab, I get: Address: https://outlook.live.com/owa/?path=/mail/inbox Referring URL: https://login.live.com Under the "Security" tab Verified by: not specified Comparing this with another laptop running Windows Vista with Firefox version 52.7.3 - the only difference that I can see is that the "address" and "Referring URL" are slightly different and swopped about. Address: https://outlook.live.com/owa Referring URL: https://login.live.com/ppsecure............................6......6....L.......................etc etc Under the "Security" tab Verified by: DigiCert Inc The DigiCert certificates are the same on both laptops. Will changing the "address" and "Referring URL" field contents solve the problem as each machine seems to be referencing different URL's. How do I change the contents of the "address" and "Referring URL"? Or are I barking up the wrong tree?

Tuilleadh mionsonraí faoin chóras

Feidhmchlár

  • User Agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0

Tuilleadh Eolais

FredMcD
  • Top 10 Contributor
4314 réiteach 60603 freagra
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate. https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message https://support.mozilla.org/en-US/kb/connection-untrusted-error-message http://kb.mozillazine.org/Error_loading_websites https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean

Úinéir na ceiste

Thanks for the info.

The certificate looks identical between both laptops it just looks like the Win7 laptop is looking at the wrong URL's.

Is it possible to edit the fields in the Firefox "More Information" tab (top left) and then the right arrow/"Support.mozilla.org"/"More Information"/"General" tab to point to the same URL's. Is the info in the registry?

Thanks for the info. The certificate looks identical between both laptops it just looks like the Win7 laptop is looking at the wrong URL's. Is it possible to edit the fields in the Firefox "More Information" tab (top left) and then the right arrow/"Support.mozilla.org"/"More Information"/"General" tab to point to the same URL's. Is the info in the registry?
cor-el
  • Top 10 Contributor
  • Moderator
17700 réiteach 160142 freagra

If you use a bookmark then navigate to the web page starting with the main page or the sign in page in case there is a problem with this bookmark.


You can check the connection settings.

  • Options/Preferences -> General -> Network: Connection -> Settings

If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.

See "Firefox connection settings":


Try these steps to inspect the certificate.

  • open the Server tab in the Certificate Manager
    • Options/Preferences -> Privacy & Security -> Certificates: View Certificates -> Servers: "Add Exception"
  • paste the URL of the website (https://xxx.xxx) in it's location field.

Let Firefox retrieve the certificate -> "Get Certificate"

  • click the "View" button and inspect the certificate

You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.

If you use a bookmark then navigate to the web page starting with the main page or the sign in page in case there is a problem with this bookmark. ---- You can check the connection settings. *Options/Preferences -> General -> Network: Connection -> Settings If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly. See "Firefox connection settings": *https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can ---- Try these steps to inspect the certificate. *open the Server tab in the Certificate Manager **Options/Preferences -> Privacy & Security -> Certificates: View Certificates -> Servers: "Add Exception" *paste the URL of the website (https://xxx.xxx) in it's location field. Let Firefox retrieve the certificate -> "Get Certificate" *click the "View" button and inspect the certificate You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.

Úinéir na ceiste

Certificate Manager/Servers There are 2 active exceptions on both the Vista and Win7 laptops Both say "Could not verify this certificate because it is not trusted" they are: DigiNotar Root CA DigiNotar PKIoverheid CA Organisatie - G2.

Certificate Authorities There are very many certificate listed.

The Vista laptop under Security shows DigiCert Cloud Services CA-1 and under the Certificate Hierarchy shows Outlook.live.com whereas the Win7 doesn't show Outlook under the Certificate Hierarchy.

Is the DigiCert or Outlook certificate corrupt?

Certificate Manager/Servers There are 2 active exceptions on both the Vista and Win7 laptops Both say "Could not verify this certificate because it is not trusted" they are: DigiNotar Root CA DigiNotar PKIoverheid CA Organisatie - G2. Certificate Authorities There are very many certificate listed. The Vista laptop under Security shows DigiCert Cloud Services CA-1 and under the Certificate Hierarchy shows Outlook.live.com whereas the Win7 doesn't show Outlook under the Certificate Hierarchy. Is the DigiCert or Outlook certificate corrupt?
cor-el
  • Top 10 Contributor
  • Moderator
17700 réiteach 160142 freagra

Did you try to inspect the certificate via the steps I posted above?

Then we can see if the issuer is wrong.


You can also try to rename/remove cert9.db and cert8.db to see if that has effect.\

You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.

Did you try to inspect the certificate via the steps I posted above? Then we can see if the issuer is wrong. ---- You can also try to rename/remove cert9.db and cert8.db to see if that has effect.\ You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the <b>about:profiles</b> page. *Help -> Troubleshooting Information -> Profile Directory:<br>Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder *http://kb.mozillazine.org/Profile_folder_-_Firefox
jscher2000
  • Top 10 Contributor
8839 réiteach 72253 freagra

RosmaryCrackers said

When I go onto Outlook.com the green padlock changes to amber and displays a message "Outlook.Live.com is not secure".

The entire lock changes color? Or you get a gray lock with an amber-colored warning triangle on it like the second image here:

   

That icon indicates mixed content in the page. For example, if someone sent you a message and embedded images on an HTTP address instead of an HTTPS address. Firefox will still retrieve the image but flag the issue with the warning lock icon.

''RosmaryCrackers [[#question-1211705|said]]'' <blockquote> When I go onto Outlook.com the green padlock changes to amber and displays a message "Outlook.Live.com is not secure". </blockquote> The entire lock changes color? Or you get a gray lock with an amber-colored warning triangle on it like the second image here: <center><img src="https://prod-cdn.sumo.mozilla.net/uploads/gallery/images/2015-10-21-18-56-11-9a277c.png"> &nbsp; <img src="https://prod-cdn.sumo.mozilla.net/uploads/gallery/images/2015-10-21-18-54-26-fe01d6.png"> &nbsp; <img src="https://prod-cdn.sumo.mozilla.net/uploads/gallery/images/2015-10-21-18-58-14-d85fc6.png"></center> That icon indicates mixed content in the page. For example, if someone sent you a message and embedded images on an HTTP address instead of an HTTPS address. Firefox will still retrieve the image but flag the issue with the warning lock icon.

Úinéir na ceiste

cor-el & jscher2000

I think I was getting confused about what I was asking.

The scenario I have is as follows:

I open Firefox browser and the padlock is green.

I open the web based Outlook and the sign in and the padlock is still green.

In Outlook Inbox I open an email without mixed content and the padlock stays green and under the "site information" Outlook.Live.com I have a secure connection. I then close the email.

In Outlook Inbox I open an email WITH mixed content and the padlock turns grey with an amber triangle and now I have under the "site information" Outlook.Live.com a "connection is not secure". I then close the email.

If I then open up the previous email without mixed content again the padlock stays grey with the amber triangle and doesn't return to a green padlock and under the "site information" Outlook.Live.com a "connection is not secure".

The only way to get the green padlock back again is to close Outlook and re-sign in and only open emails without mixed content.

Is this the normal firefox operation? Should the padlock colour not toggle dependant on the email content?

Are the emails after opening a mixed content email still encrypted and safe?

I have to admit that I hadn't noticed the change of padlock colour in outlook as I'd naively always assumed that emails were secure.

cor-el & jscher2000 I think I was getting confused about what I was asking. The scenario I have is as follows: I open Firefox browser and the padlock is green. I open the web based Outlook and the sign in and the padlock is still green. In Outlook Inbox I open an email without mixed content and the padlock stays green and under the "site information" Outlook.Live.com I have a secure connection. I then close the email. In Outlook Inbox I open an email WITH mixed content and the padlock turns grey with an amber triangle and now I have under the "site information" Outlook.Live.com a "connection is not secure". I then close the email. If I then open up the previous email without mixed content again the padlock stays grey with the amber triangle and doesn't return to a green padlock and under the "site information" Outlook.Live.com a "connection is not secure". The only way to get the green padlock back again is to close Outlook and re-sign in and only open emails without mixed content. Is this the normal firefox operation? Should the padlock colour not toggle dependant on the email content? Are the emails after opening a mixed content email still encrypted and safe? I have to admit that I hadn't noticed the change of padlock colour in outlook as I'd naively always assumed that emails were secure.
jscher2000
  • Top 10 Contributor
8839 réiteach 72253 freagra

Outlook might not remove the mixed content when you close a message. Unless you see the page reloading, it could just be hidden.

You could try one of these actions instead of completely signing out if they are faster for you:

  • reload the Inbox in the current tab bypassing the cache (Shift+click the reload button, or press Ctrl+Shift+r)
  • open the Inbox in a new tab by clicking in the address bar and pressing Alt+Enter (the new tab should have a green lock); then you can close the old tab
Outlook might not remove the mixed content when you close a message. Unless you see the page reloading, it could just be hidden. You could try one of these actions instead of completely signing out if they are faster for you: * reload the Inbox in the current tab bypassing the cache (Shift+click the reload button, or press Ctrl+Shift+r) * open the Inbox in a new tab by clicking in the address bar and pressing Alt+Enter (the new tab should have a green lock); then you can close the old tab