搜尋 Mozilla 技術支援網站

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why is the mozilla.org site untrusted? "You have asked Firefox to connect securely to www.mozilla.org, but we can't confirm that your connection is secure."

  • 5 回覆
  • 6 有這個問題
  • 697 次檢視
  • 最近回覆由 georgewachs

more options

Just downloaded firefox for mac and get their own server as a security warning.....not very promising.

This Connection is Untrusted

You have asked Firefox to connect securely to www.mozilla.org, but we can't confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do?

If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.

被選擇的解決方法

With Avast, three options:

(1) Trigger Avast to add its signing certificate to Firefox's certificate store. This is supposed to happen either when you install Avast or at some other point, such as restarting the system. Perhaps reinstalling Avast will trigger it? (Note: this signing certificate is going into your new cert8.db file)

(2) Manually import Avast's signing certificate into Firefox's certificate store.

(3) Go into Avast's Web Shield settings and turn off scanning of encrypted/HTTPS connections. The details vary depending on your version of Avast, but from several months ago:

Windows version??

  1. Open the Avast dashboard on the affected system.
  2. Select Settings from the left sidebar menu.
  3. Switch to Active Protection.
  4. Click on Customize next to Web Shield.
  5. Uncheck the "Enable HTTPS Scanning" option and click ok

Mac version??

  1. Open the Avast dashboard on the affected system.
  2. Click the "gear" icon labeled "Preferences."
  3. Click Shield on the left sidebar menu
  4. Click on the Web Shield "Settings"
  5. Uncheck "Scan secured connections"

For #2:

Export

I'm not sure how you export a certificate on Mac. It may involve the system keychain. The goal is to generate a "DER" format certificate file in a location that's easy to find using Firefox (e.g., your Desktop).

Import

  • In Firefox, open the Certificate Manager using

    "3-bar" menu button (or Firefox menu) > Preferences > Advanced > Certificates mini-tab > "Manage Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only.

I am attaching a screen shot for the import part.

從原來的回覆中察看解決方案 👍 2

所有回覆 (5)

more options
more options

Hi georgewachs, don't get discouraged just yet.

I assume this is a pattern with secure sites, and not just Mozilla's site. For example: https://www.duckduckgo.com/

When you get this error page for pretty much all secure sites, the problem usually is one of the following:

(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.

(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, ESET, and Kaspersky; AVG has a Search Shield feature which can cause this error on search sites.

(3) Malware on your system intercepting secure connections.

So... which is it?

If you have any of those specific security products, that would be the first thing to check. We might be able to assist with specific next steps based on what you have if you tell us.


To gather further information, you could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:

Load my test page at: https://jeffersonscher.com/res/jstest.php

You likely will get an error page. Expand the "I understand the risks" section and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

more options

Thanks for your help, looks like Avast might be the problem. Any idea of how to tweak it for Ffox?

more options

選擇的解決方法

With Avast, three options:

(1) Trigger Avast to add its signing certificate to Firefox's certificate store. This is supposed to happen either when you install Avast or at some other point, such as restarting the system. Perhaps reinstalling Avast will trigger it? (Note: this signing certificate is going into your new cert8.db file)

(2) Manually import Avast's signing certificate into Firefox's certificate store.

(3) Go into Avast's Web Shield settings and turn off scanning of encrypted/HTTPS connections. The details vary depending on your version of Avast, but from several months ago:

Windows version??

  1. Open the Avast dashboard on the affected system.
  2. Select Settings from the left sidebar menu.
  3. Switch to Active Protection.
  4. Click on Customize next to Web Shield.
  5. Uncheck the "Enable HTTPS Scanning" option and click ok

Mac version??

  1. Open the Avast dashboard on the affected system.
  2. Click the "gear" icon labeled "Preferences."
  3. Click Shield on the left sidebar menu
  4. Click on the Web Shield "Settings"
  5. Uncheck "Scan secured connections"

For #2:

Export

I'm not sure how you export a certificate on Mac. It may involve the system keychain. The goal is to generate a "DER" format certificate file in a location that's easy to find using Firefox (e.g., your Desktop).

Import

  • In Firefox, open the Certificate Manager using

    "3-bar" menu button (or Firefox menu) > Preferences > Advanced > Certificates mini-tab > "Manage Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only.

I am attaching a screen shot for the import part.

more options

Thank you very much, the mac version options worked beautifully.

Again, thanks. Very helpful.