How do I resolve continued recent "Insecure Connection" messgaes?
Your connection is not secure
The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.
Learn more…
Report errors like this to help Mozilla identify and block malicious sites
www.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported.
Error code: SEC_ERROR_UNKNOWN_ISSUER
Krejt Përgjigjet (7)
Hi just4kicksbbdn, the most common reason for the SEC_ERROR_UNKNOWN_ISSUER code is a "man in the middle". It could be your security software, or it could be malware. To help track it down, could you check this article: How to troubleshoot security error codes on secure websites.
You can check if there is more detail available about the issuer of the certificate.
- click the "Advanced" button show more detail
- click the blue error text (SEC_ERROR_UNKNOWN_ISSUER) to show the certificate chain
- click "Copy text to clipboard" and paste the base64 certificate chain text in a reply
If clicking the blue error text doesn't provide the certificate chain then try these steps to inspect the certificate.
- open the Servers tab in the Certificate Manager
- Options/Preferences -> Privacy & Security
Certificates: View Certificates -> Servers: "Add Exception"
- Options/Preferences -> Privacy & Security
- paste the URL of the website (https://xxx.xxx) in it's Location field
Let Firefox retrieve the certificate -> "Get Certificate"
- click the "View" button and inspect the certificate
You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: true HTTP Public Key Pinning: true
Certificate chain:
BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIJAJqkhIxAmiolMA0GCSqGSIb3DQEBCwUAMGAxLTArBgNV BAMMJEJpdGRlZmVuZGVyIFBlcnNvbmFsIENBLk5ldC1EZWZlbmRlcjEMMAoGA1UE CwwDSURTMRQwEgYDVQQKDAtCaXRkZWZlbmRlcjELMAkGA1UEBhMCVVMwHhcNMTgx MDMwMTMxNDAwWhcNMTkwMTIyMTMxNDAwWjBoMQswCQYDVQQGEwJVUzETMBEGA1UE CAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzETMBEGA1UECgwK R29vZ2xlIExMQzEXMBUGA1UEAwwOd3d3Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDx1lRorLcoAIBK8Xeeoc7nAFvmV3SdxxEiZ775 iiYXO8QE7vS4sQ9mvN4Kqz6f7r+AjshJkYRHe+O4i5EuB7jdhHh6eRvd/W+xXFsG d23tW9uJmyn2OosZUDh/1AJ6mmScLwQg73k+2rKPmfmmTmfdHAu5fWC5z4Ul4Gki keyxw2GCjcyRTo2mrY6iOUcnbHvcD1+gYzhFAJpnWkeXLs4LlB18+YpZKFWfBgQA YgotV4hJsQZVU+/OOJR0lNEfrEIUvhQwQJhQKXPne3+wPp0HqRnM6q/ObYPMvZ6b du4pYhRe2M07DOlKxG5B/9hEmKrCBUUm/QBxW0s6IOtJ2B91AgMBAAGjVTBTMDYG A1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly8xMjcuMTI3LjEyNy4xMjc6MzkzOS9kOTAx ZC5jcnQwGQYDVR0RBBIwEIIOd3d3Lmdvb2dsZS5jb20wDQYJKoZIhvcNAQELBQAD ggEBALiYJLtF+jl2107JITJIXP5onw7wsFMZXKi4ouZIHUsgi8hDLzk9wKRYXITS WlYjpSn1jHZUoE/q6lCrC3kWx8kEEySzS/HyUq26nIwwk6UwizhLVEjzoIO8By71 E/2K3H8mIskfaC262Kud0MyojSHaeDwbPAh7vzzsixGAdQZRvIYMT5b06o4/WdVf AJdchUDCQ2lHutKXPSe7dV/cEWKTLpCTvPFT39Pmbu10x7japfppXsGc8+gIToVK YaS6zrAeoi5zLh6k3H5AnYqr67Fm8fVSNrG9LEZjLoIwbyO6+cTSZUhxKACbWhwM 1xYsV2cZGEqkTrxSEovPaQkH6i0=
END CERTIFICATE-----
Thanks!!
Yes, it is our old friend:
Issuer [of the fake site certificate] = Bitdefender
The issuer of the certificate is your Bitdefender software.
- Subject C=US, ST=California, L=Mountain View, O=Google LLC, CN=www.google.com
- Issuer CN=Bitdefender Personal CA.Net-Defender, OU=IDS, O=Bitdefender, C=US
See:
- https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
- https://www.bitdefender.com/consumer/support/answer/13426/
BitDefender Modules -> Online Threat Prevention -> Settings -> Web Protection:
Well, the Mozilla link answers what to do if you are running 2015 or 2016. Bitdefender has removing modules in 2019. I'm running Total Security 2018.
Found it! For Bitdefender Total Security 2018: Protection>Settings>Online Web Protection>Encrypted web scan>click off Problem solved although I don't feel really secure. Thanks!
Ndryshuar
Try this post from a user who got steps from Bitdefender support:
https://support.mozilla.org/questions/1220913#answer-1170493