All of a sudden, after a firefox update, I am getting "This Connection is Untrusted" for Facebook, it doesn't matter if I use http: or https:, WHY????????
All of a sudden, after a firefox update, I am getting "This Connection is Untrusted" for Facebook, it doesn't matter if I use http: or https:, WHY???????? Here are all the details from the error message:
This Connection is Untrusted
You have asked Firefox to connect securely to facebook.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
facebook.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
(Error code: sec_error_unknown_issuer)
(Also included a screen shot.)
Solution eye eponami
cor-el said
You can check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar. You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.Tanga eyano oyo ndenge esengeli 👍 0You can see more details like the intermediate certificates that are used in the Details tab. If you can't inspect the certificate via "I Understand the Risks" then try this: Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:
- Click the link at the bottom of the error page: "I Understand the Risks"
- Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate"
- Click the "View" button and inspect the certificate and check who is the issuer.
In the location field type/paste the URL of the website
- chrome://pippki/content/exceptionDialog.xul
Check who is the issuer of the certificate. You can inspect more details like the certificate chain in Details tab of the Certificate Viewer.
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
All Replies (20)
I am about ready to give up on firefox and change to Chrome.
You can check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
- Click the link at the bottom of the error page: "I Understand the Risks"
- Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate"
- Click the "View" button and inspect the certificate and check who is the issuer.
You can see more details like the intermediate certificates that are used in the Details tab.
If you can't inspect the certificate via "I Understand the Risks" then try this:
Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field type/paste the URL of the website
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
Check who is the issuer of the certificate.
You can inspect more details like the certificate chain in Details tab of the Certificate Viewer.
There is no link at the bottom of the error page: "I Understand the Risks"
None of that worked at all.
What do you see if the use the second procedure and paste https://facebook.com in the location field and click View Certificate?
- chrome://pippki/content/exceptionDialog.xul
This is what I see... Which is no help.
It actually points directly to the answer: look at who is listed as issuing the certificate for Facebook: Kaspersky.
By any chance did you use the Refresh feature during your last update? This can happen when Firefox reports it is starting slowly and says you can speed it up by restoring some default settings. If you click the button, an Old Firefox Data folder appears on your desk with your old settings folder. Do you see anything like that?
Reason I ask is, the old certificate file which was already set up to work with Kaspersky's SSL Scan feature would be in there and you could copy it over to your current settings folder.
Otherwise, you can set Firefox up to work with Kaspersky again.
I didn't update it, after YEARS of having Firefox setup to not update on it's own, it just did it. I have never had this happen before. There is now a folder on my desktop, as you described, but I never saw anything like you are describing. Anyway... I just had my computer guy look at it and he thinks he got it fixed and cannot understand why the problem is ONLY on my profile on this computer, none of the other profiles had this problem from the update. If I have any continuing problems I will be back here, and more ready to delete Firefox. Thank you for the help.
So this problem still persists. I am again getting the untrusted site and no option to bypass it.
jscher2000 HOW WOULD I DO THIS?????
"Reason I ask is, the old certificate file which was already set up to work with Kaspersky's SSL Scan feature would be in there and you could copy it over to your current settings folder.
Otherwise, you can set Firefox up to work with Kaspersky again."
go into the kaspersky settings > additional > network settings and disable the scanning of encrypted connections there. alternatively you could also try to import the kaspersky certificate into firefox like described by another user at https://support.mozilla.org/en-US/questions/1026631#answer-650916.
I am STILL having this problem!!!! Is there any help out there????
have you tried either option from my answer above - what's the result?
Yes, and both seemed to work right up until I rebooted my computer, I need a permanent fix not temporary.
What changed at Windows startup: the Kaspersky SSL Scan turned back on, or Firefox lost the authority certificate and stopped trusting Kaspersky's fake certificates?
If the problem is that Firefox lost the certificate, does the same problem occur if you exit Firefox and start it up again, or only when you shut down and restart Windows?
Some utility software like CCleaner may change your Firefox settings files at Windows startup, but I don't know why any software would touch the cert8.db file. That seems strange.
I don't know what the problem is, but the only way to resolve it seems to be to delete ANY antivirus programs on my computer, so since firefox appears to not work with any antivirus, I am going to uninstall firefox and reinstall my computers protection!!! I will not have an unprotected computer for a browser that has turned to shit, so either MOZILLA can get off their ass and find a fix or I am gone and I promise to blast the the problem on EVERY public forum I can find!
the problem is that your antivirus program is intercepting all secure connections without being properly set-up to do so. this is looking like a man-in-the-middle attack to the browser and therefore you'll get the warning screens. if you want to troubleshoot the problem with us, then please follow up on the questions asked/suggestions made and keep your tone constructive (otherwise this topic will be locked). you can contact kaspersky's support as well, you are paying for their product that is causing the problem!
Millions of Firefox users probably run Kaspersky, ESET, BitDefender or avast!, all of which do the same kind of filtering and present fake certificates to Firefox. You definitely can make this work. Heck, you know that, because it worked before you did the Refresh.
We would never suggest removing Kaspersky, so if you did, please reinstall it. Your security comes first.
Next, you can try to push Kaspersky's authority certificate into Firefox so Firefox trusts all of its fake certificates, or you can turn off just the interceptions of your secure connections and keep all of the other Kaspersky features, your choice.
I haven't checked these links for a few months, but hopefully they still work!
One of these articles/posts might help you get Firefox to trust Kaspersky's fake certificates again:
- See Opera section of this one: http://support.kaspersky.com/us/9093#block1
- Manual steps using classic menu bar (tap the Alt key to display it): http://support.kaspersky.com/5414
- https://support.mozilla.org/questions/1008312#answer-650914
Solution eye oponami
cor-el said
You can check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar. You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.You can see more details like the intermediate certificates that are used in the Details tab. If you can't inspect the certificate via "I Understand the Risks" then try this: Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:
- Click the link at the bottom of the error page: "I Understand the Risks"
- Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate"
- Click the "View" button and inspect the certificate and check who is the issuer.
In the location field type/paste the URL of the website
- chrome://pippki/content/exceptionDialog.xul
Check who is the issuer of the certificate. You can inspect more details like the certificate chain in Details tab of the Certificate Viewer.
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
I have read through all of posts concerning this issue, and it is apparent to me that either a FF update caused this, or a Windows 10 update caused this. It is upsetting especially when I don't get the chance to override the error msg. This never happened in earlier versions of FF, nor did it happen prior to my upgrading to Windows 10.
The only "fix" that works for me every time is to cut and paste the "offending" URL into Chrome. No problem getting to google.com or facebook.com. Therefore, after many, many years of using FF, I will be switching to Chrome until or unless this gets fixed.