Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

After upgrade to 45.0 Firefox says"my connection is not secure" when searching using GOOGLE in the toolbar.

more options

After my upgrade to 45.0, whenever i try to do a search in the toolbar, I get the following error:

Your connection is not secure

The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

When I click the "ADVANCED" button, I get the following:

www.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER

This was never an issue, until the upgrade.

Please advise, thanks,

Winston

After my upgrade to 45.0, whenever i try to do a search in the toolbar, I get the following error: Your connection is not secure The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate. When I click the "ADVANCED" button, I get the following: www.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER This was never an issue, until the upgrade. Please advise, thanks, Winston

All Replies (20)

more options

Hi Winston, during or after your update, did Firefox perform a Refresh? The tell-tale sign is an Old Firefox Data folder on your desktop, with a freshly updated semi-randomly-named folder inside. If you find that, hang onto it in case we need to restore anything.

Meanwhile, is Google the only secure site giving you problems or do you notice issues with other secure sites? When you get this for pretty much all secure sites, the problem usually is one of the following:

(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.

(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites.

(3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: http://windows.microsoft.com/en-us/wi.../turn-off-microsoft-family-settings)

(4) Malware on your system intercepting secure connections.

If you have any of those specific security products:

That would be the first thing to check. This support article will walk you through it: How to troubleshoot security error codes on secure websites.

If none of those ring a bell:

You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:

Load my test page at: https://jeffersonscher.com/res/jstest.php

Assuming you get a certificate error page:

Expand the "Advanced" button and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

more options

Thanks so much for quick reply. I'm using Windows 10, btw. I didn't notice if it did a REFRESH, but there is not a folder on my desktop. I've also not noticed issues with any other websites. The weird thing is, I get the error when i try do a search via Google in the toolbar. However, If I got to the Google site, the search works, but it does display that the connection is not secure.

I just changed the search default to Yahoo, and Bing, and both worked fine from the tollbar.

1. System date is correct 2. I'm using AVG Anti-Virus Free Edition 3. I'm not using Win10 family settings

Winston

more options

I just loaded your browser tests 2016 page, and did NOT get an error.

Winston

more options

Hmm, there's a small possibility that the program files got corrupted during the update. The Google search plugin is one component of a large compressed file in the program folder, so it can't be easily replaced as an individual element. Instead, we would suggest:

Clean Reinstall

We use this name, but it's not about removing your settings, it's about making sure the program files are clean (no inconsistent or alien code files). As described below, this process does not disturb your existing settings. Do NOT uninstall Firefox, that's not needed.

(A) Download a fresh installer for Firefox 45.0 from https://www.mozilla.org/firefox/all/ to a convenient location. (Scroll down to your preferred language.) For maximum plugin compatibility, choose the 32-bit version.

(B) Exit out of Firefox (if applicable).

(C) Rename the program folder as follows:

(32-bit Firefox on 64-bit Windows)

C:\Program Files (x86)\Mozilla Firefox

to

C:\Program Files (x86)\OldFirefox

(Other systems)

C:\Program Files\Mozilla Firefox

to

C:\Program Files\OldFirefox

(D) Run the installer you downloaded in step (A). It should automatically connect to your existing settings.

Any improvement in ability to access Google?

Note: Some plugins may exist only in that OldFirefox folder. If something essential is missing, look in these folders, but for obvious reasons, don't just copy everything over:

  • \OldFirefox\Plugins
  • \OldFirefox\browser\plugins
more options

Sorry, I missed the AVG part. Does your version include the LinkScanner or Online Shield feature? If so, please try disabling those specific features to see whether it makes any difference: https://support.avg.com/SupportArticleView?l=en_US&urlName=How-to-disable-individual-AVG-components

more options

I have the FREE version of AVG, and it doesn't seem to have either of thos features. I'll try the Clean Reinstall you mentioned, and see how that goes. I'm running 64 bit Win10, but will use the 32 bit , if you think that is better.

Winston

more options

Most people use 32-bit browsers even on 64-bit operating systems. (When you posted your question, your Firefox was the 32-bit version.)

more options

Ok, thanks I'll give it a shot. I thought I was running 64 bit, but they maybe have been my old machine.

Winston

more options

Sadly the clean re-install did not help. Yahoo and Bing work fine, Google is still giving me the un-secure connection error.  :-(

Win

more options

Could you check in another browser whether AVG is intercepting Google requests? Either Edge, IE or Chrome should show a padlock in the address bar that you can click and find your way to viewing the certificate for the site. I have attached a screenshot for reference/comparison. What do you see for issuer and certificate hierarchy?

more options

I don't get a padlock in Chrome, and it says the site is un-encrypted. I tried turning off AVG, but got the same results.

more options

Boot the computer in Windows Safe Mode with network support (press F8 on the boot screen or hold down the Shift key) to see if that has effect.


You can check the HTTP response headers in the Network Monitor.

more options

Winston42 said

I don't get a padlock in Chrome, and it says the site is un-encrypted.

Hmm, all Google searches should be encrypted. Even if you try loading http://www.google.com/ you should get redirected to the https page. It's suspicious...

Were you searching on the "real" Google or an AVG version of Google?

more options

Not sure what "real" google means, or AVG version. Please explain. Added a screen shot of what the address bar looks like in Chrome.

more options

I don't get it. Why doesn't Google redirect that page?

What if you explicitly use the secure version -- https://www.google.com/ -- what does the certificate look like there?

more options

I would assume that Google Chrome wouldn't connect to Google website because of HSTS information that is used by Google servers.

You can check the connection settings.

If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.

See "Firefox connection settings":

Boot the computer in Windows Safe mode with network support to see if that has effect in case security software is causing problems.


Do a malware check with several malware scanning programs on the Windows computer.

Please scan with all programs because each program detects different malware. All these programs have free versions.

Make sure that you update each program to get the latest version of their databases before doing a scan.

You can also do a check for a rootkit infection with TDSSKiller.

See also:

more options

Ok, that direct link in Chrome did give me the padlocked version of the Google site. I've attached a screen shot of the certificate info, which seems to show i have some type of malware somehow.

DO_NOT_TRUST_FiddlerRoot

Win

more options

Unless you are a web developer intentionally running the Fiddler HTTP debugging proxy, you probably have malware installed. In past threads, it went by names similar to Browser Safeguard. Can you check your Windows Control Panel, Uninstall a Program, and track down anything like that?

Modified by jscher2000 - Support Volunteer

more options

Not seeing anything suspicious in the Uninstall Program area of control panel.

more options

Try sorting by install date and see whether there is anything you don't recall intentionally installing.

If nothing unknown shows up, please use the malware cleaners listed by cor-el.

  1. 1
  2. 2