Your connection is not secure HTTP Strict Transport Security (HSTS)
After I updated to v65.0 (x64), all webpages (except Yahoo) gave me: "Your connection is not secure. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."
I read about changing the "security.enterprise_roots.enabled" value to "true" rather than the default "false" and this works, but I am afraid of future consequences.
I am using the following extensions in my Firefox installation: uBlock Origin, Disconnect
Operating system: Windows 7 Javascript enabled: Yes Cookies enabled: Yes Flash version: 32.0.0 Java version: Not installed Websockets supported: Yes Your full user agent string is: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
Chosen solution
Thank you all for your help. I used Waterfox for a day or so - that way my "fix" for running a Mozilla product while surfing was satisfied. Then after a few days, I tried running Firefox (FF) again, giving the problem time to fix itself. It's working fine again... maybe Avast made some changes - or something. At any rate, FF is working fine again - no more errors, and I was able to change that setting back to the default.
Ler a resposta no contexto 👍 0All Replies (10)
Are you using Avast or AVG?
hi, this is likely your avast/avg security software tampering with encrypted connections. please either try to reinstall your security software or else follow the more specific steps for it at How to troubleshoot security error codes on secure websites.
I am using Avast. Let me look into your suggestion - thank you.
Note, we STRONGLY suggest not using Avast because it has a tendency to do shady things that actually make your computer less secure (such as intercepting all your network traffic, which is why you have this error in Firefox).
It's better to uninstall it, and use Microsoft Security Essentials, which is free, lightweight and a far better anti-virus. Then, use Malwarebytes (www.malwarebytes.com) for monthly deep scans.
Beyond that, make sure you keep Windows up to date, including updating to Windows 10 if at all possible.
Thank you for your suggestions. I hesitate to change my antivirus software for Firefox, much as I love FF. If I am to use the work-around that I have by setting the "security.enterprise_roots.enabled" to "true", I assume that's better than disabling the checking of the global HTTPS scanning by Avast.
I am also using the paid-for version of SUPERAntiSpyware.
As to switching to Windows 10 - I'll do that when I absolutely HAVE TO, and not before. Win10 is less responsive and slower on my hardware, from my experience.
Samo modificouno o
Avast is generally known as a bad anti-virus (https://www.howtogeek.com/199829/avast-antivirus-was-spying-on-you-with-adware-until-this-week/) so even if it wasn't breaking Firefox it would be best to switch. What it is trying to do is basically attacking your secure connections, and that is putting your computer at risk. It's best to uninstall Avast and use Microsoft Security Essentials.
zebra14 said
After I updated to v65.0 (x64), all webpages (except Yahoo) gave me: "Your connection is not secure. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. I am using the following Extensions in my Firefox installation:
- Cookie Manager 1.5
- Cookie Quick Manager 0.4rc1
- Disable WebRTC 1.0.20
- Disconnect 5.18.21
- Easy Youtube Video Downloader Express 14.3
- Free Download Manager 3.0.27
- iCloud Bookmarks 2.1.23
- New Tab Homepage 0.6.2
- To Google Translate 3.3
- uBlock Origin 1.18.2
- User-Agent Switcher 1.2.4
- Video DownloadHelper 7.3.5
If you ReStart With Add-ons Disabled, does that help?
~Pj
I did not know that you could query a machine remotely and see what extensions were installed in FF. Interesting!
At any rate, thanks for trying to help. I set the ""security.enterprise_roots.enabled" to the default "false" and then tried FF with all extensions disabled - then restarted FF. The problem is still there.
"Your connection is not secure
The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."
Chosen Solution
Thank you all for your help. I used Waterfox for a day or so - that way my "fix" for running a Mozilla product while surfing was satisfied. Then after a few days, I tried running Firefox (FF) again, giving the problem time to fix itself. It's working fine again... maybe Avast made some changes - or something. At any rate, FF is working fine again - no more errors, and I was able to change that setting back to the default.
zebra14 said
I tried running Firefox (FF) again, giving the problem time to fix itself. It's working fine again... maybe Avast made some changes - or something. At any rate, FF is working fine again - no more errors...
I suppose it was Avast, as I had a few 'errors', but not quite the problem you were having. But, perhaps FF did some changes, too. (Wink)
~Pj