There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

Websites don't load - troubleshoot and fix error messages

http://kb.mozillazine.org/Error_loading_websites

It doesn't solve the problem with the certificate. The message bout an invalid certificate still appears in Firefox, but not in Safari.

• uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
• configured their website improperly

How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER

I've Sophos Home Antivirus. There is no possibility to disable HTTPS Scanning. The problem exists with Firefox and Chrome as well, but not with Safari.

Hi bawe, the following answer is for a Windows user, but the same general principles apply to MacOS, I believe:

If your security software is creating fake site certificates, you have a couple options to try to get Firefox to accept them: https://support.mozilla.org/questions/1238264#answer-1166946

However, I think it's a good idea to confirm that Sophos is doing it, to rule out other possible intermediaries. You can share the coded certificate for a site with us using the steps in FredMcD's earlier reply here: https://support.mozilla.org/questions/1239315#answer-1169804

Global Sign Certificate is installed in Firefox already. Here I've copied the coded certificate as described above:

https://www.amazon.com/

Der Zertifikat-Aussteller der Gegenstelle wurde nicht erkannt.

HTTP Strict Transport Security: true HTTP Public Key Pinning: false

Zertifikatskette:

MIIC0jCCAbqgAwIBAgIIAzJW4Kzm1eAwDQYJKoZIhvcNAQELBQAwGjEYMBYGA1UE AwwPU3RvcEFkIExvY2FsIENBMB4XDTE4MTEwNTAwMDAwMFoXDTIwMTEwNTAwMDAw MFowGTEXMBUGA1UEAwwOd3d3LmFtYXpvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCLRjRFBds6vYQ7RqfbfD8XQ9Fjt1TwmkQyAfIBYiPNJ4M6 wOF6N87ZNd5izxhZ1hqrC63wxBdWcT39XxAa0FJJ6eGgrEQJnzRoWItLycsfU+Zy 7BuG2pzu8c1Gx4+yXsjKadFZgLA6zL4HZz6sCmFPqBsqB5WuRlter2BD9A4+Nc7u 9adry7Fh562Vop9gD46/ydzbwTrtwjhs4pOZKRP4EBwCZU+vpGIgJ4q2J5loXRPa FI+i6GF7E4bpZDhK1w16euGUdIIUUs65I3lb/mgFWGpk7N1DeDCOzKXSfkPBk23t kuGM7mgj2dRCQ8VZJrHQd/QUl/isOLZLQPuejwN/AgMBAAGjHTAbMBkGA1UdEQQS MBCCDnd3dy5hbWF6b24uY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBoZURkpeN5xEiW BIv0fi83CYFJZ0+KoK2d85RJiB7ZeaXReHSPbDmXtPDXpW3vl+qUoTVpmziN9muD oSfjfWKVYq75ljsZN8gpFyMjjOLuuDEfKWTx7RmvKAXq8wxFCUJhnWtQe00tzuni tImbJzAKYy/4QpWjwi9N93RuSVNr8SNcKYyb1u5mQmpXSMlo/kzWxdW7jE8vSVfo HoNG884h34bC6N2C6fwNE3FtcXWRmpTZ77gAGO2JBVkbeNabU9SeYDZdXLp9AjKw FmmQ2W8ucApLfcR72LC8dRpJyJcqOouECUPBF7HourWm2vbyv2vRIrDsDgkXyPlg WzCcMInf

This cert is quite OK. Do you have actual date&time set on your computer?

Date and time are ok both. Remember: The issue appears only in Firefox; Safari works without problems.

When I check that certificate using https://certlogik.com/decoder/ I'm puzzled about this:

Issuer CN = StopAd Local CA

Does StopAd sound like a program you installed?

This is their page on how to get Firefox to trust their fake certificates so their software can read your secure browsing: https://stopad.io/help/windows/connection-is-not-secure

I've StopAd, but only working in Safari. I've reinstalled StopAd Certificate as well cleared browser cache and cookies. There is no white list in my version of StopAd. I won't disable my antivirus program while surfing in the net. I know it's maybe difficult - the bug still exists. I thank you all for your effort helping me, I give up now. I'm going to surf only with Safari now.

I don't think Sophos is causing the problem in Firefox. The problem is Firefox doesn't accept the fake certificates from StopAd.