FIrefox incorrectly reporting pages as insecure
Several sites are blocked for me in spite of being well known reputable (i think!) sites.
Santander Personal Banking and Daybreak games are examples. Take daybreakgames. URL is:
I get the following message:
<<< The connection to auth.daybreakgames.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
>>>
If I click the (i) icon in the address bar to see site certificate info I see 'connection is not secure' Your connection to this server is not private.
Yes it is, it's HTTPS
I open the same site in Chrome (speak of the devil!) and it reports a valid certifificate, the connection is secure TLS (doesn't specify version) and that all resources on the server are served securely.
So who's right? I'm pretty damn sure a mid sized organisation like daybreakgames and a large bank like Santander are in fact secured by https
Any hints to kick firefox into some kind of sense appreciated.
Cheers
S
被采纳的解决方案
Hi Cor-el
Thanks for helping.
I've mostly fixed this, a long time ago I had changed security.tls.version.max to 1, this was a long time ago and when I logged in to Firefox it obviously had kept this setting.
This fixed the daybreakgames site. But there's still an issue with Santander, but now the link to accept the lower security works.
If I click on the (i) icon in the address bar it says that santander uses 'weak encryption'. So I guess this means Santander is at fault? I'm very surprised.
I will mark this as completed, thanks everyone for your time.
定位到答案原位置 👍 3所有回复 (11)
There is security software like Avast and Kaspersky and BitDefender and ESET that intercept secure connections and send their own certificate.
http://www.ehow.com/how_11385212_troubleshoot-reset-connection-firefox.html
https://support.mozilla.org/en-US/kb/server-not-found-connection-problem
https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
http://kb.mozillazine.org/Error_loading_websites
This Connection is Untrusted is sometimes caused because the computer system clock is wrong. Check the time / date / time zone settings.
Hi Fred
Many thanks for taking the time to reply.
The time/date settings are correct (NZ) and I'm just using the default Windows 10 security. This machine was very recently re-installed so it's almost a vanilla FF installation. I had this problem with Santander before the clean install as well.
Check your security software.
About all you can do is disable the default W10 defender which I have tried, also adding and removing a firefox exclusion
Have tried running FF in safe mode
Ensured it's not trying to connect via proxy
Cleared cache
IE11 and Chrome both connect without issue
Deleted cert8.db
由Simbosan于
hi, can you give us the following information about the issue with santander?:
- what is the error code shown when you click on advanced on that error page?
- please also give us more information about the error by clicking on the error code, copying the text to the clipboard and then pasting it here into a reply in the forum.
thank you!
Hi Phillip
Thanks for responding:
The error page is different for Santander, but the info from the address bar icon is the same:
Page <<< Your connection is not secure
The owner of retail.santander.co.uk has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
Learn more…
Report errors like this to help Mozilla identify and block malicious sites
retail.santander.co.uk uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. Advanced info: SSL_ERROR_NO_CYPHER_OVERLAP (Not secure) Try loading retail.santander.co.uk using outdated security
>>>
Icon <<< retail.santander.co.uk Your connection is not secure >
> Your connection to this site is not private, information you submit could be viewed by others.... >>>
I've tried deleting the cert8.db to refresh the certificate cache, still not working
Cheers
S
If you can't inspect the certificate via Advanced (I Understand the Risks) then try this:
Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field of this window type or paste the URL of the website with the https:// protocol prefix (https://retail.santander.co.uk/).
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate. If necessary then please attach a screenshot that shows the Certificate Viewer with the issuer.
选择的解决方案
Hi Cor-el
Thanks for helping.
I've mostly fixed this, a long time ago I had changed security.tls.version.max to 1, this was a long time ago and when I logged in to Firefox it obviously had kept this setting.
This fixed the daybreakgames site. But there's still an issue with Santander, but now the link to accept the lower security works.
If I click on the (i) icon in the address bar it says that santander uses 'weak encryption'. So I guess this means Santander is at fault? I'm very surprised.
I will mark this as completed, thanks everyone for your time.
There is no problem with the retail.santander.co.uk server.
Did you check the issuer?
- Entrust Certification Authority - L1M
Hi Cor-el, not sure what you mean by check the issuer.
I reset all firefox settings to default (excluding some normal config items) and now Santander seems fine.
I must have set that TSL setting a looong ago, can't remember why, and because I use Firefox sync it's followed me around forever.
Storing settings online muddies the water sometimes, never quite sure if you have a 'fresh' installation.
Thanks again for your help
please try this & see if it makes a difference on santander: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for all custom preferences (=shown in bold) starting with security. & reset them to their default value by right-clicking them.