i found one solution for firefox certificate problems
When trying to go to websites using Firefox,i kept getting a message saying there was a problem with a certificate. So i went to Advanced and clicked on Add Exception. This worked for some websites but not others because some did not have the option to "Add Exception" . I even got the certificate problem with the Firefox and the Wikipedia sites, i think. This problem may have come about because i first started to have a problem a few days ago with a redirect popup when clicking on websites which said to purchase a File Converter. To try to stop this redirect popup, i tried Zemana, then Malwarebytes. After trying Malwarebytes, i think this is when the problem of certificates began. Also, many times a Malwarebytes message came up saying that an outbound trojan had been blocked. Microsoft Edge and Google Chrome did not have the certificate problem, but did have the message about the outbound trojan. I read several articles on the Firefox Support for the certificate problem and the Malwarebytes site about the outbound trojan. But so far the only thing that got rid of the certificate and outbound trojan problems was when i tried Hitman Pro yesterday.
All Replies (4)
Edit: Before trying Hitman Pro, i uninstalled Malwarebytes. The Hitman also got rid of the redirect popups, so far.
Modified
Hi craig22, it sounds like you were able to chase off a "man in the middle" that was intercepting your browsing. All good now??
For future reference, you should never need to create exceptions for well-run sites. Getting a certificate error for such sites (unless it's a matter of a certificate expiring, which happens) should ring alarm bells for you.
One possible reason for the difference between browsers is that malware will inject a certificate into the Windows system certificate store, which fools IE and Chrome, but not into Firefox's separate certificate store. So Firefox is not fooled and throws up errors for every HTTPS site.
Now, was the man in the middle security software, or malware? We don't know; now that it's gone, we can't go back and figure that out.
I think at this point, if you were doing any browsing on sensitive sites while the (unknown) man in the middle was installed, you should change your passwords for those sites since it's hard to know what it was doing with the information on the pages it intercepted during that time.
Also, I suggest removing the exceptions you added in Firefox:
- Windows: "3-bar" menu button (or Tools menu) > Options
- Mac: "3-bar" menu button (or Firefox menu) > Preferences
- Linux: "3-bar" menu button (or Edit menu) > Preferences
- Any system: type or paste about:preferences into the address bar and press Enter/Return to load it
In the search box at the top of the page, type cert and Firefox should filter to the "View Certificates" button, which you can click.
The Servers tab would have any exceptions you saved. You can spot them by the site name in the Server column. Don't remove the ones with *, those are special blocking entries for distrusted certificates.
You can check if there is more detail available about the issuer of the certificate.
- click the "Advanced" button show more detail
- click the blue error text (SEC_ERROR_UNKNOWN_ISSUER) to show the certificate chain
- click "Copy text to clipboard" and paste the base64 certificate chain text in a reply
If clicking the blue error text doesn't provide the certificate chain then try these steps to inspect the certificate.
- open the Servers tab in the Certificate Manager
- Options/Preferences -> Privacy & Security
Certificates: View Certificates -> Servers: "Add Exception"
- Options/Preferences -> Privacy & Security
- paste the URL of the website (https://xxx.xxx) in it's Location field
Let Firefox retrieve the certificate -> "Get Certificate"
- click the "View" button and inspect the certificate
You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.
You know, cor-el's post reminded me that the exceptions you already saved to the Servers tab of the Certificate Manager could be checked for the "Issuer" to see whether that identifies the man in the middle. Sorry for not thinking of that before.