Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox cannot make a secure https connection

  • 14 replies
  • 11 have this problem
  • 4 views
  • Last reply by Mace2

more options

After going to the web site "www.faxzero.com" and entering the necessary data it proceeds to a https address "https://faxzero.com" but Firefox reports "the connection is untrusted". On the same workstation I used Safari and it worked with proper https authentication and I also tried another browser and it worked. What is causing Firefox to miss read the https site and think it is untrusted?

After going to the web site "www.faxzero.com" and entering the necessary data it proceeds to a https address "https://faxzero.com" but Firefox reports "the connection is untrusted". On the same workstation I used Safari and it worked with proper https authentication and I also tried another browser and it worked. What is causing Firefox to miss read the https site and think it is untrusted?

Modified by cor-el

All Replies (14)

more options

hello, the padlock won't be shown for this site, since it contains an element (the logo-graphic) which is not served over a secure connection.

Mixed content blocking in Firefox
https://blog.mozilla.org/security/2013/09/04/a-new-focus-on-security-in-the-web-console/

more options

Note that you can see this as a red line in the Web Console (Tools > Web Developer; Command+Shift+K)

more options

This web site on the same machine works for 2 other browsers. This is a fault with Firefox 22.

The web console reports the following. [11:21:41.418] GET https://faxzero.com/ [0ms]

more options

ok, then i misread your original question - if you get the "connection is untrusted" error message for the page, it's because the website hasn't implemented the necessary intermediate certificates properly: http://www.sslshopper.com/ssl-checker.html#hostname=https://faxzero.com/

please report the issue to the website in order for them to fix it.

more options

Once again this is a fault with Firefox.

I can use Safari another web browser on the same computer.

Why is this fault occurring ?

more options

firefox is obviously less error-tolerant in this case than other browsers

more options

Once again as I mentioned before I also used TOR which also uses Firefox version 17 and it works with that version of firefox on the same computer. So it is not Safari and its not the web site.

what would cause this fault in firefox 22 to report incorrectly a functioning https site?

more options

The SHA 256 checksum for Firefox 22 for the mac that I am using is bbbefe0e24abc9511747b4a1a858d38cd93d4e2a26ce7b6f9a73dd4001ace747

more options

You can download and install the PositiveSSL CA 2 intermediate certificate from this page:

Import this certificate in the Certificate Manager.

  • Tools > Options > Advanced > Certificates/Encryption: View Certificates

Do not set any of the trust bits when installing. Those are only required for root certificates and not for intermediate certificates.

Modified by cor-el

more options

Clearly firefox 17 and 22 have been altered so as to not get the correct certificate information. I tested this by completely uninstalling and reinstalling the Firefox software and firefox clearly sees the web site https://www.faxzero.com as invalid when it is definitely valid https site as confirmed by web site "https://www.ssllabs.com".

The web site you provided is by a third part site co-rel, I am not interested in using a site to correct a serious security flaw by Mozzila.

how can i prevent firefox from using its own certificates?

more options

No, this web server doesn't send the intermediate certificate, otherwise yo would see a certificate chain if you inspect the certificate.

Did you ever reset Firefox or otherwise create a new profile?

Firefox automatically stores intermediate certificates that servers send in the Certificate Manager for future usage.
So you may not see an error if you have visited a website in the past that did send this intermediate certificate.
If you have never visited a website that uses this same intermediate certificate then Firefox hasn't saved it and you will get an untrusted error.

more options

I have uninstalled and reinstalled Firefox 17 and 22. But FIrefox 22 on my Windows 7 side does not complain just as Safari does but they do not enter HTTPS.

So on the same computer Firefox 22 on the Mac side complains the connection is not trusted. Firefox on the windws 7 side makes no such complaint also on the same computer byt different partition.

more options

Did you download and install the intermediate certificate like I posted above?

If you do not get the error on the other computer then Firefox has picked up the intermediate certificate from visiting a web page that has send it and you should see the PositiveSSL CA 2 certificate in the Certificate Manager, so alternatively you can export the certificate and import it on the other computer.

more options

Corel. Why would i install an intermediate certificate from another company called comodo? It is clear this certificate error has occurred and now affects another site called "https://myaccount.yak.ca/" which also shows the same untrusted message.

Is there an aha checksum for the certificates that Firefox uses?

Where can I find the certs on a Mac OS?