This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox Updater invalid security certificate

  • 1 reply
  • 1 has this problem
  • 11 views
  • Last reply by cor-el

more options

I rebooted my Windows computer and the automatic updater for Firefox started up, but my firewall blocked it because it said it had an invalid security certificate. I tried to allow it, but it again said I had an invalid certificate. I then blocked it, and it gave the same message. So I rebooted my computer again, and Firefox came up working properly, saying I had the newest Firefox version.

The firewall (via Norton Security) said there were less than 5 persons using this installer. That alone is weird.

What should I do the next time this happens? Thanks!

I rebooted my Windows computer and the automatic updater for Firefox started up, but my firewall blocked it because it said it had an invalid security certificate. I tried to allow it, but it again said I had an invalid certificate. I then blocked it, and it gave the same message. So I rebooted my computer again, and Firefox came up working properly, saying I had the newest Firefox version. The firewall (via Norton Security) said there were less than 5 persons using this installer. That alone is weird. What should I do the next time this happens? Thanks!

All Replies (1)

more options

It is possible that Firefox retrieved files via an open http connection that got upgraded to https causing this issue because the server doesn't have a proper certificate. Firefox will use a hash that is part of the update.xml files (retrieved via https) to verify that the file is correct, so it doesn't matter the http is used and not https.