This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

Can't open Paypal because of potential security risk.

  • 1 antwoord
  • 1 het hierdie probleem
  • 1 view
  • Laaste antwoord deur philipp

CRUGG
CRUGG
more options

Hey! When I want to go to paypal.com I get an error message with the title "Warning: Potential Security Risk Ahead". Below the title it says: "Nightly detected a potential security threat and did not continue to www.paypal.com. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.

www.paypal.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Nightly can only connect to it securely. You can’t add an exception to visit this site."

I don't think PayPal is in-secure.

I tried many answers I found here, like going to about:config and changing security.tls.version.max from the default of 4 to 3 etc.

Hey! When I want to go to paypal.com I get an error message with the title "Warning: Potential Security Risk Ahead". Below the title it says: "Nightly detected a potential security threat and did not continue to www.paypal.com. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details. www.paypal.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Nightly can only connect to it securely. You can’t add an exception to visit this site." I don't think PayPal is in-secure. I tried many answers I found here, like going to about:config and changing security.tls.version.max from the default of 4 to 3 etc.

All Replies (1)

philipp
philipp
  • Moderator
more options

hi, paypal is using an insecure symantec certificate - firefox is gradually revoking trust in those and as you are using a nightly build you're one of the first users noticing: https://blog.nightly.mozilla.org/2018/08/14/symantec-distrust-in-firefox-nightly-63/

a temporary workaround would be setting security.pki.distrust_ca_policy to 1 (but don't forget to reset that preference to the default later on once most common websites have adapted)