The green lock is for the more expensive Extended Validation SSL certificate, which involves COMODO checking your company's proof of identity. Ordinary certificates which only require domain validation get a gray lock.

See also: How do I tell if my connection to a website is secure?

I have the same problem. None of the websites I visit with extended validation certificates show a green lock, not even the websites with Comodo validated certificates like https://www.neostrada.nl/

Even my bank does not have a green lock. https://www.abnamro.nl/nl/prive/index.html

Hi DorinePost, could you click through to the certificate viewer and compare with the attached screen shot the Issued by and Hierarchy sections?

Hi jscher2000, everything is the same except for the dates; my certificat viewer says: Begins On 13-4-2015 and Expires On 14-4-2017

Hi DorinePost, I think that is a format difference, m-d-y vs. d-m-y, so not a major difference.

So I don't understand why your Firefox is not detecting it as an Extended Validation certificate?

Start Firefox in Safe Mode to check if one of the extensions (Firefox menu button/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem.

• Switch to the DEFAULT theme: Firefox menu button/Tools > Add-ons > Appearance
• Do NOT click the Reset button on the Safe Mode start window

• https://support.mozilla.org/kb/Safe+Mode
• https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes

You can also look at this extension:

• SSleuth: https://addons.mozilla.org/firefox/addon/ssleuth

Hi cor-el,

I tried your suggestion but still no green locks. I installed ssleuth and noticed it doesn't recognise the extended validation and grades the ABN website certificate with 5,3 points... ; " Extended validation: No".

Now I realize that I changed a Firefox config setting some time ago because I couldn't reach a website with a valid certificat that wasn't recognized by Firefox. I Googled the problem and found a solution. The solution was to disable something in the FF config but I don't remember what it was.

Hi DorinePost, you can look for non-default settings as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered -- anything here bolded and indicated as "user set" that could be a problem?

(3) In the search box above the list, type or paste security.SSL and pause while the list is filtered -- anything here bolded and indicated as "user set" that could be a problem?

Note: it's okay to set security.ssl3.dhe_rsa_aes_128_sha and security.ssl3.dhe_rsa_aes_256_sha to false so Firefox doesn't use those Logjam-related ciphers.

It should work with the default settings, so if it doesn't work for you then you may have changed something.

You can check the network.* prefs and the security.* prefs to see which have changed and are user set (bold).

You can delete possible user.js and numbered prefs-##.js files and rename (or delete) the prefs.js file to reset all prefs to the default value including prefs set via user.js and prefs that are no longer supported in the current Firefox release.

• http://kb.mozillazine.org/Preferences_not_saved
• http://kb.mozillazine.org/Resetting_preferences

You can use this button to go to the current Firefox profile folder:

• Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
• http://kb.mozillazine.org/Profile_folder_-_Firefox

Those searches have nothing as user set. I'm sure I set something to false.. if I could only remember what is was..

You can click the Status header to sort the about:config page by this column and see all user set prefs at the start. That is what I do from time to time to check what prefs I've changed for testing a problem and forgot to reverse.

I would normally suspect an extension or you may have created a certificate exception.

You could check that in the Certificate Manager (Servers tab) or possibly temporarily rename the cert8.db file.

• Tools > Options > Advanced > Certificates: View Certificates

What is the connection status as shown by the extension and in "Tools > Page Info > Security"?

Hi cor-el, I found the solution .... ( :-*> ) On the Tools > Options > Advanced > Certificates tab Ask OCSP responder servers to confirm the current validity of certificates was not checked. I checked the box and the green locks are back.

Thanks for reporting the cause of your problem.

I'm curious that you didn't see the related security pref (security.OCSP.enabled = 0) showing bold on the about:config page that I suggested to check above.