After upgrade all web sites show in text mode, including mozilla.org
I upgraded to Firefox 49.0.2, and now almost all pages show as text not graphical, but they show properly in IE11 and Chrome 54. I have done the following: 1) Flushed Cookies and Cache 2) Run "Clear Recent History" and deleted everything. 3) Removed all add-ons 4) Turned off Hardware Acceleration 5) Restarted in Safe Mode 6) Restarted with Refresh Firefox 7) Removed Session files 8) Removed Java 9) Tried resetting Page Style 10) Tried the No Proxy Setting 11) Reinstalled Firefox three times 12) Tried to go back to an older version 13) Cold Reboot (several times) 14) Ran Full Scan with Symantec anti-virus (twice) I am at a loss for what I can do now.
Chosen solution
Using the old cert8.db did not work either. What did work was copying the Corporate Certificate Authority Certificate to Firefox. The steps are below.
1) From the Windows Certificate Manager - Start -> enter certmgr.msc in the search programs and files box. 2) Under Trusted Root Certification Authorities -> Certificates -> find the Corporate Root Certificate and double-click on it (i.e. Corp01), a new window will open. In the new window, click on the Details tab. 3) Then click on Copy to File, follow the prompts and use the default settings, place the file on the desktop with the same certificate name (i.e. Corp01) Click on Finish and Export was successful will appear. 4) Open Firefox. Use the tools icon to go to Options -> Advanced -> Certificates 5) Click on View Certificates 6) Go to the Authorities tab 7) Click on Import 8) Navigate to the Certificate file you created (i.e. Corp01) and click Open then OK to complete. The Certificate will now be in the Firefox Certificate table. 9) Close and then restart Firefox.
You should now be able to view the websites correctly.
This occurs when your IT staff decrypts traffic coming to and going from your network and the internet to determine if there are any malicious site being visited or corporate policies being violated. So traffic comes in encrypted, gets decrypted and analyzed, then re-encrypted and sent along.
Thanks to all of you who gave me suggestions.
Read this answer in context 👍 0All Replies (14)
Wow, that's a lot.
"Unstyled" pages often are caused by the style sheets not loading, which can be caused by a problem with a secure connection, a "filter" of some kind, or an unexpected redirect.
The style sheets used by this support site are stored on a different server. This is pretty common because more users can be served fresh content more quickly if browsers can retrieve certain infrequently changing files from another source (often a content distribution network or CDN).
Could you check whether a file on one of these servers is accessible in your Firefox, or is blocked?
https://support.cdn.mozilla.net/static/build/common-min.e8b3c24a8874.css -- page of text starting with:
/*! normalize.css v3.0.2 | MIT License | git.io/normalize
When I went to the link, I get a messages that Your connection is not secure and when clicking the Advanced button the "SEC_ERROR_UNKNOWN_ISSUER" error shows with support.cdn.mozilla.net uses an invalid security certificate and I cannot go any farther. I am able to get the file in IE 11.
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.
https://support.mozilla.org/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
Hi purpleeagl, there's your trouble with unstyled pages. So let's dig into that a little further. If you clicking the blue wording "SEC_ERROR_UNKNOWN_ISSUER" on the error page, Firefox should display a bunch of coded text showing the details of the certificate it considers invalid. Could you copy that and paste it into a reply? I think the button will do it but, if not, you can select it with the mouse and copy normally, then paste that. Make sure to include the "---- " at the beginning and end (even though the forum turns that into a horizontal line).
Hi Fred, I did check on the anti-virus and firewall, but the only thing that changed was doing the upgrade. I am not getting a certificate from the anti-virus. I should have mentioned that.
Hi jscher2000 , Here is the complete certificate. https://support.cdn.mozilla.net/static/build/common-min.e8b3c24a8874.css
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false HTTP Public Key Pinning: true
Certificate chain:
BEGIN CERTIFICATE-----
MIIDwzCCAqugAwIBAgIMWBt20gAAAAAAAANeMA0GCSqGSIb3DQEBCwUAMIGfMQsw CQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkNoZXNhcGVh a2UxCzAJBgNVBAoTAkhRMRswGQYDVQQLExJNQVAgQ29tbXVuaWNhdGlvbnMxFTAT BgNVBAMTDG1hcGNvbS5sb2NhbDEnMCUGCSqGSIb3DQEJARYYaXRAbWFwY29tbXVu aWNhdGlvbnMuY29tMB4XDTE1MDMxMjAwMDAwMFoXDTE3MDMxNjEyMDAwMFowbDEL MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3 MRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMRowGAYDVQQDDBEqLmNkbi5t b3ppbGxhLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJDS1ot/ rinkYc+eKnnrmwUEr2zLfFv+HQLmgYsdSCjvggtfuugN6AgaGZLb6tHCFPu8nqGd MRWeKQIxlljdzzxqS2iPJJjl1CfPFh5ahEXZC2T+tJhXniOnK20I0/XIrWJONdfT N2u+rBuUpqEjpVmUm2FKVc5E9rAagDa4WScxbJ+EZJoM90erCvqognhazLGV3g1w tWz4S3jz36VY2GWZt3ZtfMKVJ8CMmpX3vwRvYY1+bPJRKb3mQTn9gUeATHEGDTYK yc8pfudF9HCtd1cp+sB8CUGsmoyUNqkaznAoCGCbNyEfOrA5bBa86zcd8k5tpniz JPv7EHct6yL18b0CAwEAAaMxMC8wLQYDVR0RBCYwJIIRKi5jZG4ubW96aWxsYS5u ZXSCD2Nkbi5tb3ppbGxhLm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAR0hvHeb0WWLi sajyidqj6ygU/nDVcIrugvXjdA7Mu+ih49gW2VdVZ73UHhbihIJBlUItzsU0ggB4 MkPWbMIWWZL6DvkoMLrk127dQInOI4VmcCtUd2m+6tG9ZE3ouAh0uzvjyQLKNw2r KqJCPxdCpf5BzwCN4dtgjQ630luqNVs6KHdOecTrKyGrv34mvmKp/voNj7j5zVGM 8PE4NRuWNYb8c1iEYoMqRqHBJAS0jqGkWGOqkiB8yxVe7kwrqw1z3tmLnr7wia1i umusclgh9wCfpgxwL2zbbtoKj8uBohKPa5gCjJxbJIL2+TXgK77F/6NCrno09DwG s5w3jSA6Iw==
END CERTIFICATE-----
BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgITbwAAAMYWSYXotqEszQAAAAAAxjANBgkqhkiG9w0BAQUF ADBAMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxFjAUBgoJkiaJk/IsZAEZFgZtYXBj b20xDzANBgNVBAMTBmNhaHEwMTAeFw0xNjA4MjMxOTQ5MjNaFw0yMTA4MjIxOTQ5 MjNaMIGfMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcT CkNoZXNhcGVha2UxCzAJBgNVBAoTAkhRMRswGQYDVQQLExJNQVAgQ29tbXVuaWNh dGlvbnMxFTATBgNVBAMTDG1hcGNvbS5sb2NhbDEnMCUGCSqGSIb3DQEJARYYaXRA bWFwY29tbXVuaWNhdGlvbnMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAuptAOQI2ub57mef9K8cXcaBWteQPwhXdXHY2usch5orBa20Yl0N8335s lIRvD2KwFPhOtjfM75WSWIG2ktkRYSArV0ZMBxATSFwfaCw+N4yqvXfAd0CRx9EJ VUWl5YXFuj/J7e6PEL9b/UcmrpCiWEaAvWqIess3w9Pu3qVJyjhhTr6u8s9YvHpM LIvucDbyaf/8P6Pqk1SGynL9tQdpO4jZ/8NmSGS9nXfKKqTVhNV1psBxt4iYJHNm +tOSbiuvVCQpNfBW0SaFssF6cXeSDWIeLDUrJeOEzmAHmFlmgDK6FO9bJ25RHxuC EJ9+Wi3CVQa0nk/06C+sRPnE9LUwTQIDAQABo4ICbjCCAmowDwYDVR0TAQH/BAUw AwEB/zALBgNVHQ8EBAMCAYYwHQYDVR0OBBYEFFHJLqTNx0Cro20/ighqjhRjSj6R MB8GA1UdIwQYMBaAFM7iqUHupBQB4lhORqGaAyK2Qt0TMIIBCgYDVR0fBIIBATCB /jCB+6CB+KCB9YaBtGxkYXA6Ly8vQ049Y2FocTAxLENOPW1hcGNvbS1hcHAtMDIs Q049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO PUNvbmZpZ3VyYXRpb24sREM9bWFwY29tLERDPWxvY2FsP2NlcnRpZmljYXRlUmV2 b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2lu dIY8aHR0cDovL21hcGNvbS1hcHAtMDIubWFwY29tLmxvY2FsOjgwODAvQ2VydEVu cm9sbC9jYWhxMDEuY3JsMIHgBggrBgEFBQcBAQSB0zCB0DCBpgYIKwYBBQUHMAKG gZlsZGFwOi8vL0NOPWNhaHEwMSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2Vy dmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1tYXBjb20sREM9 bG9jYWw/Y0FDZXJ0aWZpY2F0ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRp b25BdXRob3JpdHkwJQYIKwYBBQUHMAGGGWh0dHA6Ly9tYXBjb20tYXBwLTAyOjgw ODAwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwDQYJKoZIhvcNAQEFBQADggEB AI8ppSV7eJewQ2tABzyy4oqr34v2Eh4uTdHn9KfmE+9ajKZiEaWnoq4HDG8YKOwU Udrd7qIea//OXPpWgz7xfy5GgZJJyXYGPLGWnhY2upMFBO3DjQEKTbe+gHWDocHc Wy1d7/r6PZ+6a44fcV+1wUv8Z4YD+tLQuXpOpJAq6i0WDa95BZBYSEfPle5FUdVy srOPSq0rFmumPDo07FdnHns49muQSqZZMBIsdmaZkbcv+SWsFNf3Sh6h24TYtHXU AgzZhLV9IYAat25pUo3oLa59x+tPRuv5Df6Pryn4TWXWEAa59Nc7Snlnr5RBuM/x jkKbnbUtuhWWcG2vXbe6G1U=
END CERTIFICATE-----
thanks. so it appears that a traffic monitoring system used in this corporate network environment is intercepting the secure connections by using a certificate that is unknown and therefore untrusted by firefox.
you could try if the following steps can address the issue: enter about:config into the firefox address bar (confirm the info message in case it shows up). right-click somewhere on the page to create a new boolean preference - name it security.enterprise_roots.enabled and set its value to false. then restart firefox.
otherwise if this didn't help either you should get in contact with your it department about how to best resolve that...
Hi philipp, Thanks for giving me another option, but I am getting the same results. Unfortunately, I'm in the IT department doing some testing. I will go through this with the Firewall guy, and see if he has some ideas. Thanks
the certificate used in the sample you gave is no genuine mozilla cert but something that is injected by a network appliance i suppose:
Issuer: emailAddress = it@mapcommunications.com commonName = mapcom.local organizationalUnitName = MAP Communications organizationName = HQ localityName = Chesapeake stateOrProvinceName = Virginia countryName = US
you might have to import this certificate into the browser's trust store to fix this issue - https://wiki.mozilla.org/CA:AddRootToFirefox
Thanks to everyone for your help. I think I am just going to have to go back to an earlier version that is compatible with our infrastructure, and rely on the corporate firewalls and anti-virus.
Modified
I don't think earlier versions of Firefox behaved differently in this regard.
Did your Firefox perform a Refresh during the last update? The tell-tale sign in an Old Firefox Data folder on your desktop. If you have that, you could try using the cert8.db file from your old profile folder in your current one, since that file presumably was already set up to work with the "man in the middle."
Hi jscher2000, It did create the Old Firefox Data folder on the desktop. I will try to substitute the cert8.db file as you suggest and let you know how it goes. Thanks
Chosen Solution
Using the old cert8.db did not work either. What did work was copying the Corporate Certificate Authority Certificate to Firefox. The steps are below.
1) From the Windows Certificate Manager - Start -> enter certmgr.msc in the search programs and files box. 2) Under Trusted Root Certification Authorities -> Certificates -> find the Corporate Root Certificate and double-click on it (i.e. Corp01), a new window will open. In the new window, click on the Details tab. 3) Then click on Copy to File, follow the prompts and use the default settings, place the file on the desktop with the same certificate name (i.e. Corp01) Click on Finish and Export was successful will appear. 4) Open Firefox. Use the tools icon to go to Options -> Advanced -> Certificates 5) Click on View Certificates 6) Go to the Authorities tab 7) Click on Import 8) Navigate to the Certificate file you created (i.e. Corp01) and click Open then OK to complete. The Certificate will now be in the Firefox Certificate table. 9) Close and then restart Firefox.
You should now be able to view the websites correctly.
This occurs when your IT staff decrypts traffic coming to and going from your network and the internet to determine if there are any malicious site being visited or corporate policies being violated. So traffic comes in encrypted, gets decrypted and analyzed, then re-encrypted and sent along.
Thanks to all of you who gave me suggestions.
Modified
That was very good work. Well done. Please flag your last post as Solved Problem so others will know.