I have Kaspersky. After refreshing firefox I am unable to load google due to an insecure connection. Every other site loads just fine.
"This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate."
I have tried many of the methods listed on the support forums for resolving this issue and none have worked. I do not have a Kaspersky certificate under "Authorities" in the "Options: Advanced: View Certificates" tree.
Chosen solution
If you want to minimize old baggage, please see the import steps in this thread: https://support.mozilla.org/questions/1110416
Alternately, do you still have the Old Firefox Data folder on your desktop from the Firefox Refresh? Check inside for a folder with a semi-random name. If there's only one, that probably has your old settings and add-ons. If there's more than one, you'll want to work with the one that was updated most recently.
Once you have identified the latest profile folder, check inside for a file named cert8.db (Windows might hide the .db extension, but there is only one cert8 file.) This file would contain Kaspersky's signing certificate and you could swap it in for your new cert8.db file. To try that...
Open Your Current Profile folder in Windows Explorer
Open the Troubleshooting Information page using either:
- "3-bar" menu button > "?" button > Troubleshooting Information
- Help menu > Troubleshooting Information
- type or paste about:support in the address bar and press Enter
In the first table, click the "Show Folder" button. Firefox will launch your brand new profile folder in Windows Explorer.
Leaving that folder open, switch back to Firefox, and Exit using either:
- "3-bar" menu button > "power" button
- (menu bar) File > Exit
When Firefox closes, the profile folder should be front and center, or you can activate it using the Task bar. Find the cert8.db file and rename it to something like cert8-old.db.
Copy Old File in Place of New
Leaving the current profile window open, open or switch over to your Old Firefox Data folder. Drill down into your old profile folder.
Right-click cert8.db and Copy.
Switch to window with cert8-old.db and Paste (either right-click > Paste or Ctrl+v).
Start Firefox
Firefox should start up with the original cert8.db and trust Kaspersky's fake certificates again. Success?
Read this answer in context 👍 1All Replies (2)
Chosen Solution
If you want to minimize old baggage, please see the import steps in this thread: https://support.mozilla.org/questions/1110416
Alternately, do you still have the Old Firefox Data folder on your desktop from the Firefox Refresh? Check inside for a folder with a semi-random name. If there's only one, that probably has your old settings and add-ons. If there's more than one, you'll want to work with the one that was updated most recently.
Once you have identified the latest profile folder, check inside for a file named cert8.db (Windows might hide the .db extension, but there is only one cert8 file.) This file would contain Kaspersky's signing certificate and you could swap it in for your new cert8.db file. To try that...
Open Your Current Profile folder in Windows Explorer
Open the Troubleshooting Information page using either:
- "3-bar" menu button > "?" button > Troubleshooting Information
- Help menu > Troubleshooting Information
- type or paste about:support in the address bar and press Enter
In the first table, click the "Show Folder" button. Firefox will launch your brand new profile folder in Windows Explorer.
Leaving that folder open, switch back to Firefox, and Exit using either:
- "3-bar" menu button > "power" button
- (menu bar) File > Exit
When Firefox closes, the profile folder should be front and center, or you can activate it using the Task bar. Find the cert8.db file and rename it to something like cert8-old.db.
Copy Old File in Place of New
Leaving the current profile window open, open or switch over to your Old Firefox Data folder. Drill down into your old profile folder.
Right-click cert8.db and Copy.
Switch to window with cert8-old.db and Paste (either right-click > Paste or Ctrl+v).
Start Firefox
Firefox should start up with the original cert8.db and trust Kaspersky's fake certificates again. Success?
You can import the Kaspersky root certificate in the Certificate Manager under the Authorities tab.
You can find "(fake)Kaspersky Anti-Virus Personal Root Certificate.cer" in this folder:
- "C:\ProgramData\Kaspersky Lab\AVP16.0.0\Data\Cert"
When prompted, place a tick on "Trust this CA to identify websites" trust bit to make the imported certificate work as a trusted root certificate to trust websites.
Note that trust bits should only be set for a trusted root certificate and never for intermediate certificates.