Ubuntu 18.04 There is a proxy. No any antivirus software installed.
On some sites there is warning: Your connection is not secure. If i pressed "Advanced". The certificate is not trusted because the issuer certificate is unknown. After that, i choose "Add Exception" and "Get certificate". After receiving certificate, i get
- the site provides valid, verified identification".
So I can close "Add Exception" window and refresh the page. All works fine.
Another way if HSTS used. There is not chance to "Add Exception". But sometimes i just need to reload page. Or another page with the same domen load successfully.
What i tried todo:
updates certificates: sudo dpkg-reconfigure ca-certificates
remove cert file of firefox: ~/.mozilla/firefox/qrpsqrx2.default/cert9.db.
It seems to be usefull, but not a long time. So: problem still exist.
Eminye Imininingwane Yohlelo
- I-ejenti Engumsebenzisi: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0
Certificate issues are site related to fix - firefox browser can't fix that for them. firefox compares the site certificate to a registered certificate that they use to compare to allow access and if doesn't match it will not load the site. What you have to do is contact the site and tell them to update their certificate to permit firefox access to the site.
I understand that. But why when i "Get certificate", firefox browser tells, that "sites provieds valid..." and then i can just reload page and it is loading normal. Why firefox did not load it then for the first time?
The same behaviour with HSTS. But in that case, i just update page and it is loading.
I finf out now, that just reload page is always help.
Have you tested it without the proxy? I would test this by setting Firefox to auto-proxy in the advanced settings of the network settings of Firefox. Connection settings in Firefox
It looks like the proxy can have an affect on the root certificate. I did a little reading, however I do not know exactly how the network you are on has set up the proxy/security/ssl validation.