How to turn off the "untrusted connection" thing?
I found this thread that summarizes my problem nicely, but because the original question owner was rather angry it seems to have been lock, most unhelpful: https://support.mozilla.org/en-US/questions/951920
I too need to completely disable the nanny behavior of validating all certificates. I sit behind a corporate firewall and all my certificates are replaced by the proxy server. No connection leaving here is safe from the network admins up stream and no amount of confirming exceptions nor adding certificates will make it so.
I just need to disable this useless blockage so I can surf sites. I can't even google effectively since the default google searches use https:
- Shockwave Flash 11.7 r700
- Adobe PDF Plug-In For Firefox and Netscape 10.1.7
- Adobe Shockwave for Director Netscape plug-in, version 126.96.36.199
- Next Generation Java Plug-in 1.6.0_43 for Mozilla browsers
- NPRuntime Script Plug-in Library for Java(TM) Deploy
- The plug-in allows you to open and edit files using Microsoft Office applications
- Office Authorization plug-in for NPAPI browsers
- User Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20130729 Firefox/24.0
and delete the cert8.db file in your profile folder Firefox > Tools > Show Folder > delete cert8.db with firefox closed.
Let me restate:
FIrefox (Aurora) is working exactly as it was intended. My clock is right, my cert8.db is not corrupt.
The problem is the intended behavior DOES NOT WORK in situations like mine. I _know_ the certificates are unsecure. I _have_ to live with that. I DO NOT NEED FIrefox popping that obnoxious page ever time I load a new page.
I NEED to be able to browse with unverified certificates. I understand the risks and accept them on that machine.
Add a security exception
This page will not be removed from firefox with a pref you can though write a bug or make/find a addon that changes this behavior.
Does the proxy send its own certificate?
Did you investigate if it is possible to install a root certificate from that proxy?
Can you test whether this extension works well enough for your needs: Skip Cert Error? I haven't tried it myself.
I find that attitude entirely unreasonable. This behavior in Firefox is BROKEN BY DESIGN in situations like mine. As cor-el stated, The proxy sends its own certificate and the company tech support refuses to provide any support for Firefox. Firefox is simply choking on the same certificate over and over again. The company proxy also provides this 'certificate verification service.' I don't need Firefox to force this on me.
Thanks, I'll try that when I get to work tomorrow. Of course, I'll have to download it with I.E. since Firefox will refuse to work with the mozilla site since everything is https and I can't disable the certificate check.
v22 with same problem. I've been reading the locked thread (silenced the opposition) and this thread thinking Mozilla would finally listen to users and fixed the problem (yes its a bug) but I was wrong. Firefox used to be my de facto browser, no question but it went downhill. Here's some advice Mozilla, hire some programmers and listen to users.
Starting Chrome..... (or hell, any other browser, even IE)
由 stevemj 於 修改
Hi stevemj, it's not normal for Firefox to refuse to visit secure sites. Problems should be fixed, but the trick is understanding what is causing the error page to appear.
Firefox has many different technical explanations for SSL certificate problems. I can't read every thread here, but in the ones I've seen, these are the most common issues:
(1) Proxy (a proxy server is intercepting the connection, decrypting it to filter it, and re-encrypting it). Examples: a feature of the Bitdefender and ESET security suites, and probably others.
(2) Incorrect system clock.
(3) Corrupted certificate store. See this article for how to delete the file: https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message#w_the-certificate-is-not-trusted-because-the-issuer-certificate-is-unknown
Where these are not applicable or do not help, it is useful to get the information from the "Technical Details" section of the Untrusted connection page. This may help in finding a solution in the troubleshooting article: Secure connection failed and Firefox did not connect.
So, I've been running the 'Skip Cert Error' plugin for a while with marginal results.. Unfortunately, all the content won't load, for example, the CSS styles from wikipedia and ixquick don't work when secure.
I'm still stuck in the same place: The corporate proxy server feeds its own cert for every page, but corporate won't provide the key to authenticate so firefox won't work. FIrefox is "smarter" than me and won't let me just trust everything from the proxy server even though its scanned and keys are checked there.
I'm specifically trying to address "(1) Proxy (a proxy server is intercepting the connection, decrypting it to filter it, and re-encrypting it). Examples: a feature of the Bitdefender and ESET security suites, and probably others"
Since I don't control the corporate LAN technology and can't bypass the proxy server, I need to tell Firefox not to check the certificate. It is not meaningful in any way. If the man-in-the-middle attack is between me and the proxy server I'm screwed anyway since they're already inside the firewall on the private network.
Hi Jentron, I didn't think you needed a key, but maybe you do. Did you see this thread about importing a certificate exported from IE or Chrome: Disabling untrusted connection warning, or adding issuer without certificate? I think that's what cor-el's post was driving at.
DISABLE BROWSER SECURITY should be the default, not something I must war with every other day. I HATE security, military and most police excepted. No matter what happens, I can deal with it AT LEAST as well as anyone else I've ever heard of.
The feature does not provide any action option at all in my situation. I do not want exceptions to let things happen; I might CONSIDER exceptions to prevent things I do not care for, but really I'd rather deal with malware entirely on my own. Go get a job with Obamacare why don't you, that's the same idea. Communist.