We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

firefox said dont trust this website and l clicked ok, want to undo that?

more options

Firefox kept saying that l should not trust this website and today when l opened the browser l clicked on "Dont trust" by mistake. Now l can't connect to the site and can't reverse my decision.

I need this site w to do my work, please assist

Firefox kept saying that l should not trust this website and today when l opened the browser l clicked on "Dont trust" by mistake. Now l can't connect to the site and can't reverse my decision. I need this site w to do my work, please assist

Isisombulu esikhethiweyo

Well, I get that, too, but I wasn't surprised because the error message —

SSL peer was unable to negotiate an acceptable set of security parameters. Error code: SSL_ERROR_HANDSHAKE_FAILURE_ALERT

— indicates that the site requires you to have installed/imported a particular certificate in Firefox as a personal certificate in order to use the site. Does that sound familiar?

Importing into Firefox is a separate step from importing into IE. Can your IT provide instructions?

Funda le mpendulo kwimeko leyo 👍 1

All Replies (14)

more options

I am not too sure what you saw and what you clicked on. I can not think of a standard message that you would click on and then get blocked from looking at a website.

Using the Firefox Refresh option may well solve the issue.

Note that will remove Firefox extensions you have added.

more options

did that and still face same problem, have attached pics

more options

The picture on the left would appear if the page is using an HTTPS address, and Firefox and the server do not agree on a "cipher" for encrypting data. I'll give you some steps to investigate that in a second.

I don't know what causes the picture on the right to appear. Is that an HTTP address or an HTTPS address? Can you provide a link to that page?


Could you check your Firefox settings to make sure you are allowing enough types of connections.

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

(3) If you have any non-default settings (typically bolded and having a status of "user set"), you can make a note of the values in case they turn out to be important for some other reason, then right-click > Reset each prefer to its default value.

If you have any locked preferences (typically italicized), you may have an external lock file modifying your Firefox configuration.

(4) In the search box above the list, type or paste security.ss and pause while the list is filtered

(3) If you have any non-default settings (typically bolded and having a status of "user set"), you can make a note of the values in case they turn out to be important for some other reason, then right-click > Reset each prefer to its default value.

It's okay to set these to false (this works around any servers that have not yet been fixed for the Logjam vulnerability):

  • security.ssl3.dhe_rsa_aes_128_sha => false
  • security.ssl3.dhe_rsa_aes_256_sha => false

Again, if you have any locked preferences (typically italicized), you may have an external lock file modifying your Firefox configuration.

Did you change anything and did that make any difference?

more options

This is not a Firefox problem. There is everything wrong with how that server in the first screenshot is set up to make secure connections. In particular:

(1) The certificate cannot be linked to a trusted issuer. Firefox and Windows each come with a set of trusted issuer certificates, and browsers will trust a website's certificate if it is signed by a trusted authority. The link is missing in this case.

(2) The site uses only RC4 ciphers. No modern browsers accept RC4 ciphers as secure.

Those and additional problems are outlined here: https://www.ssllabs.com/ssltest/analyze.html?d=www.unibase.info

Now yes, you can force Firefox to connect with this site by changing a setting and setting Firefox to trust the untrustworthy certificate if there's no chance of correcting the server configuration. Does your employer understand that data cannot be exchanged securely with the server? The data being transmitted is not sensitive and if it were to be intercepted that wouldn't be a problem?

more options

https://www.unibase.info/

l still get the same error

I did not alter anything all was default

more options

Sorry, I was able to figure out the site from one of the screenshots and posted this comment about it: https://support.mozilla.org/questions/1137912#answer-915735

more options

yes they understand, please advise how to force firefox to trust. Thank you

more options

bhekib said

yes they understand, please advise how to force firefox to trust.

(0) Select and copy the host name of the insecure server:

www.unibase.info

(1) In a new tab, type about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type TLS and pause while the list is filtered

(3) Double-click the security.tls.insecure_fallback_hosts preference and either:

(A) If the value is currently blank: paste the insecure host name and click OK

(B) If the value is not currently blank: add a comma at the end, then paste the additional insecure host name after the comma and click OK

(4) Reload the insecure page bypassing the cache (Ctrl+Shift+r) and you should get a different error page that has an Advanced button

(5) Click the Advanced button to gain access to the Add Exception button to set your Firefox to trust the insecure server

more options

hi

I did and this is what l got in return again. see attached pic

more options

Isisombululo esiKhethiweyo

Well, I get that, too, but I wasn't surprised because the error message —

SSL peer was unable to negotiate an acceptable set of security parameters. Error code: SSL_ERROR_HANDSHAKE_FAILURE_ALERT

— indicates that the site requires you to have installed/imported a particular certificate in Firefox as a personal certificate in order to use the site. Does that sound familiar?

Importing into Firefox is a separate step from importing into IE. Can your IT provide instructions?

more options

Its resolved. thanks. Just one more thing see attached as this is how l ended up in this dillema in the first place

more options

FYI, clicking "Don't Trust This Website" removes the website hostname from the security.tls.insecure_fallback_hosts config option. So to reverse it, add the hostname back there. The steps to do that are described in this post (click "said" to view the entire message):

jscher2000 said

(0) Select and copy the host name of the insecure server:

Ilungisiwe ngu xerces8

more options

I already did that and this is what l get in return. See attached, there is a do not trust pop up that doesn't go away and keeps popping up in every new page l work on in that website

more options

If you are annoyed by that yellow bar, you could hide it using a custom style rule:

/* Hide "Firefox recommends that you don’t enter your password..." bar */
notification[value="weak-crypto"]{
  display: none !important;
}

Custom style rules can be applied to Firefox's interface using either the Stylish extension or a userChrome.css file. Stylish is easier, so let me describe that option.

(A) Install the Stylish extension from the Mozilla Add-ons site: https://addons.mozilla.org/firefox/addon/stylish/

(B) Before Stylish is activated, you'll need to restart Firefox (Firefox should display a link for that purpose)

(C) Create a new blank rule using the Stylish "S" icon on the toolbar -- click the icon > Write new style > Blank Style

If the icon does not appear, you can create a new blank rule from the Add-ons page. Either:

  • Ctrl+Shift+a (Mac: Command+Shift+a)
  • "3-bar" menu button (or Tools menu) > Add-ons

In the left column, click User styles, then above the (empty) list, click the Write New Style button.

(D) Firefox should open a new tab for editing, with the cursor in a large area to the right of a 1. Paste in the rule from earlier in this reply.

In another tab, load the page from the site that doesn't care about security and see that the yellow infobar is displayed.

Switch back to your new rule and click the Preview button to apply the rule. Then switch over to the insecure page and the bar should be invisible.

Does it work?

(E) Assuming it works the way you want, click in the space above the code (next to Name:) and type in a name like Hide Weak Crypto Warning Bar and click the Save button. You can close this tab now.