Untrusted Connection Messages
I am using Firefox 24 on Win7 Enterprise - not sure when the upgrade from 23 was performed as it happens automatically. 2 days ago I started seeing "Untrusted Connection" warnings for almost every web site I attempt to visit - including mozilla.org. This is a work PC, with MS System Center 2012 Endpoint Protection installed per domain policy. This has been installed for months, and has never caused any issues - the "untrusted connection" warnings just started 2 days ago. I have accepted the untrusted connection for several web sites (google.com, mozilla.org) multiple times, but they seem to timeout after a few hours, so I need to accept them again. It wouldn't be so bad if it was a 1-time and done sort of issue.
I have read several other posts in this forum about deleting the cert8.db file and resetting Firefox. Also the one that seemed to be isolated to a Kaspersky product - which is not relevant to my situation. I've also tried the "No Proxy" setting in Options->Advanced->Connection->Settings, and that doesn't help.
I've used FF since it's original beta (in early 2000 I think) and it is my preferred browser. However, this pesky issue has caused me to switch to Chrome - at least until it is fixed.
Gewysig op
All Replies (7)
hello davewest01, could you tell us which error code is shown under technical details on the error message and when you inspect the certificate which issuer information it does contain (see screenshot)?
Attached is the warning I get just trying to access https://services.addons.mozilla.org/ Even though I already have added an exception to mozilla.org multiple times.
The second screenshot shows what the mozilla support forums look like. The content loads, but it looks like the style sheets will not.
that looks like you're on a corporate network, and the security/monitoring software of your employer is intercepting secure network traffic. it doesn't seem to be implemented properly for firefox (the certificates of the software have to be imported into firefox), so it looks like some sort of man-in-the-middle attack for the browser & that's why the warning shows up. you might want to try contacting your IT department about that.
Thank you for your reply, Philipp. I understand your explanation and agree that it is most likely related to our corporate security/monitoring software. What I still don't understand is why Firefox is the only browser exhibiting this behavior. Is this a "feature" that Chrome and IE do not have? And if so, is there any way to disable it?
firefox has its own security component/certificate store, whereas IE (and probably chrome too) fall back on the operating system's root certificates when they verify secure connections, so i suppose that's why you're only getting the error while using firefox. unfortunately this is such a basic component in establishing a secure connection over https:// that there is no way to disable such warnings.
as mentioned, it would probably best to contact you IT department and ask them if they can make available the root certificate to import in your browser.
Thank you for the information, Philipp. Our IT department only supports IE (version 8 unfortunately) , so I'm out of luck.
You can try to export the Kaspersky root certificate in IE and import this certificate in Firefox.