Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

Yahoo Mail website won't load in Firefox 44

more options

The latest version of Firefox won't allow me to go to Yahoo's web mail site (https://mail.yahoo.com/). If you do, you get this error (attached as a pic, plus here's the text):

    Your connection is not secure
    The owner of mail.yahoo.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
    This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

You have two buttons, "Go Back" and Advanced. "Go Back" just takes you to the previous page, if there was one. Advanced gives you the following additional info, but with NO ability to add an exception:

    mail.yahoo.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: sec_error_unknown_issuer)

In other words, until (if?) Yahoo fixes their site certificates, I have to use IE or Chrome to look at my web mail. Firefox gives no ability to proceed to Yahoo's web mail site. I did a chat with AT&T/Yahoo support, and they ended up telling me, "It's a browser problem, use a different browser." This is a total drag, since I see both sides of the problem, know that Yahoo should update its certs, but realize that isn't going to happen anytime soon.

Yeah, I could display the page in IE Tab, which I'll probably do at work, but at home on my Mac there is NO version of IE Tab, so I have to stay at Firefox 43 until/if either Firefox or Yahoo makes the necessary change.

Anyone else know a way to get past this?

Dana

The latest version of Firefox won't allow me to go to Yahoo's web mail site (https://mail.yahoo.com/). If you do, you get this error (attached as a pic, plus here's the text): Your connection is not secure The owner of mail.yahoo.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate. You have two buttons, "Go Back" and Advanced. "Go Back" just takes you to the previous page, if there was one. Advanced gives you the following additional info, but with NO ability to add an exception: mail.yahoo.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. (Error code: sec_error_unknown_issuer) In other words, until (if?) Yahoo fixes their site certificates, I have to use IE or Chrome to look at my web mail. Firefox gives no ability to proceed to Yahoo's web mail site. I did a chat with AT&T/Yahoo support, and they ended up telling me, "It's a browser problem, use a different browser." This is a total drag, since I see both sides of the problem, know that Yahoo should update its certs, but realize that isn't going to happen anytime soon. Yeah, I could display the page in IE Tab, which I'll probably do at work, but at home on my Mac there is NO version of IE Tab, so I have to stay at Firefox 43 until/if either Firefox or Yahoo makes the necessary change. Anyone else know a way to get past this? Dana
Ìsopọ̀ yíyà aṣàfihàn

All Replies (5)

more options
more options

Is Yahoo Mail the only site where you have this issue, or does it affect other HTTPS sites as well?

When you get untrusted connections for pretty much all secure sites, the problem usually is one of the following:

(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.

(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, ESET, and Kaspersky; AVG has a Search Shield feature which can cause this error on search sites.

(3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: http://windows.microsoft.com/en-us/wi.../turn-off-microsoft-family-settings)

(4) Malware on your system intercepting secure connections.

If you have any of those specific security products:

That would be the first thing to check. The article linked by ideato will walk you through it.

If none of those ring a bell:

You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:

Load my test page at: https://jeffersonscher.com/res/jstest.php

You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

more options

ideato said

Hello Dana, please see : https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER thank you

Thanks, ideato, but that was one of the first places I went - no joy. I'm in the IT industry, so I've tried whatever solutions I could find, but nothing has worked - the long and short of it seems to be that Firefox is holding the line on making sure certificates match the site, and Yahoo's don't.

more options

So, it took them a couple of weeks, but problem solved - by Mozilla. But first...

jscher2000 - Thank you for all your information and assistance. Yes, this problem only happened on Yahoo's site, where Firefox would not allow an exception to be made. A few other sites had similar problems, but the difference is that while on those other sites, I was given the option to allow an exception, thus permitting me to proceed to the site.

Firefox on Yahoo Mail gave a different message, saying that the site's security settings wouldn't allow exceptions. I don't know who blinked, or got yelled at, but finally a few days back I was able to add an exception for Yahoo's Mail site, and I was once again able to see my web mail on Firefox. Either the site changed or Mozilla loosened up, but the end result is that it's now unbroken again.

Thanks again.

Dana

Ti ṣàtúnṣe nípa decay

more options

decay said

I don't know who blinked, or got yelled at, but finally a few days back I was able to add an exception for Yahoo's Mail site, and I was once again able to see my web mail on Firefox.

Except -- you should never need to add exceptions for well run sites. Something or someone is intercepting your connection. To try to run that down, could you just check what certificate you saved as the valid cert for Yahoo mail? You can look in the Certificate Viewer here:

Windows: "3-bar" menu button (or Tools menu) > Options Mac: "3-bar" menu button (or Firefox menu) > Preferences

In the left column, click Advanced, and on the right side, click the Certificate mini-tab near the top. Then click the "View Certificates" button.

This should launch a separate window with five tabs. Click the Servers tab. You can ignore the ones where the server is listed as * and look for the Yahoo one. Click that certificate to select it and then click the View button. I have attached a screen shot for comparison. What do you see in the red-boxed areas?

Edit: Added Mac menu path.

Ti ṣàtúnṣe nípa jscher2000 - Support Volunteer