Security exceptions don't work
I was really excited to move to Firefox as I do a lot of development on linux but my workstation is Windows.
However, I OFTEN encounter sites that are not accessible by firefox due to security issues. Usually certs that can't be verified because of names and that kind of thing. Typically there is the option to "Add Security Exception" but that rarely works. I reload the site and the issue arises again. Other times I can't even add the exception - for example facebook.com.
I'm actually using Chrome again due to the absolute un-usability of Firefox for really simple things. Yes I used the Firefox repair tool. Yes I've added the certificates manually.
I was really excited to move to Firefox,
All Replies (3)
phoenixelijah said
I OFTEN encounter sites that are not accessible by firefox due to security issues. Usually certs that can't be verified because of names and that kind of thing. Typically there is the option to "Add Security Exception" but that rarely works. I reload the site and the issue arises again. Other times I can't even add the exception - for example facebook.com.
You should never need to add exceptions for well run sites on a direct connection. Many users encounter issues with "man in the middle" software that intercepts your browsing and presents fake certificates to Firefox. It would be best to investigate that to ensure that it is your security software or a company proxy server that you trust, rather than a malware issue, even if you decide not to use Firefox.
These articles could help get you started:
I am on a corporate VPN with custom security software, and asking them to change settings is not an option, as it would not fix the issue within the timeframe I need it fixed.
I have tried all suggestions I could find on this site, including changing firefox options and resetting firefox.
An example of a site I can't access is Twitter.com
I don't want to log in or share any information, so security and privacy are not relevant.
I do need to access the site.
In this case I don't care if the site or the VPN is "properly maintained" because I am not going to log in or share any information.
How do I force Firefox to ignore the certificate problem?
troyofearth modificouno o
Hi troyofearth, does all your browsing run through a proxy operated by your company? Any "man in the middle" must issue fake site certificates in order to decrypt your browsing (for the benign purposes of securing the company and enforcing policy), so naturally Firefox won't accept those certificates.
You have two options for making Firefox compatible with the proxy:
(1) Import the proxy's signing certificate as a trusted authority in Firefox
(2) Set Firefox to trust all the signing certificates in the Windows certificate store
Option #1 is a bit more protective because malware is far less likely to infect Firefox's certificate store than the system certificate store shared by Microsoft and Google browsers. This may not be a concern on a company PC.
Option #2 is fast and easy. So assuming you prefer fast and easy, here's how:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.
(2) In the search box above the list, type or paste roots and pause while the list is filtered
(3) Double-click the security.enterprise_roots.enabled preference to switch the value from false to true