This Connection is Untrusted
I have just installed FF 17. I am running Win 8 Pro 64bit, Eset Smart Security 5. After installing FF 17, I went to the add-ons page. I got the following error message:
This Connection is Untrusted
You have asked Firefox to connect securely to services.addons.mozilla.org, but we can't confirm that your connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do?
If you usually connect to
this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
services.addons.mozilla.org uses an invalid security certificate.
The certificate is not trusted because no issuer chain was provided.
(Error code: sec_error_unknown_issuer)
Now this is your site. Why the error. Mozilla does not even trust their own page? I had this issue with FF 16, but found that NOT installing the auto-update feature got rid of this error message.
Now I have been all over the web Googling this error message, and there are pages on pages, but no Final, nor concrete solution. Even here on your Support forum loads of questions, yet not one answer.
I have seen: 1. Make sure my pc clock is right. It is. 2.Turn off SSL in Eset. Not a chance. Why do I have a firewall for? 3. Choose I know the risks, and make an exception. If I do that I will have to make exception for the entire web. Not a chance.
I didn't have this issue until version 16, any version prior to this worked like a charm.
So what in sam hill have you done to FF, to cause this? I think it about time this is resolved so your users don't have to muck around with their security apps.
Alle antwoorden (4)
hello you'll have to choose between
- option1: don't let eset scan all ssl traffic of the browser
- option 2: generally trust the same eset certficate that the firewall injects into every encrypted connection between the browser and the web.
there's nothing else firefox can do here (probably the eset certificate was somehow preconfigured as being trustworthy per default in the past, so you just didn't notice that you were already using #2)
edit: It's effectively a man-in-the-middle attack that is going on & gets detected by firefox, though probably one of good nature...
also see http://kb.eset.com/esetkb/index?page=content&id=SOLN3126&actp=search&viewlocale=en_US
Bewerkt door philipp op
Hello Mad person. Thank you for your help. How does one go about option 2?
I would like to give that a try before using option 1.
Regards.
i'm not using eset myself, so i cannot give you exact guidance, but this is the relevant section from the eset smart security 5 userguide (there seems to be an option within the program to achieve it):
For SSL communication to work properly in your browsers/email clients, it is essential that the root certificate for ESET, spol. s r.o. be added to the list of known root certificates (publishers). Therefore, the Add the root certificate to known browsers option should be enabled. Select this option to automatically add the ESET root certificate to the known browsers (e.g. Opera, Firefox). For browsers using the system certification store, the certificate is added automatically (e.g. Internet Explorer). To apply the certificate to unsupported browsers, click View Certificate > Details > Copy to File... and then manually import it into the browser.
(page 64 from http://download.eset.com/manuals/eset_ess_5_userguide_enu.pdf)
in case you cannot solve it that way you could also contact eset's support...
Hello Madperson.
I have used the above, and have added the certificate. This has solved the issue.
I have also had a reply from Eset. They gave the suggestion of turning off the SSL, with the warning that it did weaken security. Here is what they sent me:
Subject: ESET Support Case Update: 964364 - This Connection is Untrusted
Update for Case #964364 - "This Connection is Untrusted"
An ESET Customer Care Representative has updated this case with the following information:
Hello,
Thank you for contacting ESET Customer Care. You will need to disable SSL scanning on your ESET program. By default, this setting should be turned off. Firefox runs a SSL scan of their own that conflicts with ESET and this is the cause of the problem. If you disable SSL scanning ESET will still scan every website you go to for possible infections even if SSL is disabled.
Disable SSL scanning
1. Open the main program window by clicking Start All Programs ->ESET ->ESET Smart Security
2. Press F5 to open the Advanced Setup window.
3. Expand Web and email Protocol filtering, and then click SSL.
4. Under SSL protocol filtering mode, select Do not scan SSL protocol and click OK.
If this resolves your issue or if you need further assistance, please let us know by replying to this email.
Please tell us how we are doing. At the bottom of this email, you will see a link to our customer satisfaction survey. We appreciate your feedback!
Thank you for using ESET security products, ESET Customer Care North America
ESET Knowledgebase | articles | videos | manuals | support http://kb.eset.com
Thank you Madperson for your help.
I hope this now will help others to have a correct choice as to how they want to deal with FF 17 to correct the issue.
Best Regards, Ron