Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Die Funktionalität dieser Website ist durch Wartungsarbeiten eingeschränkt, die Ihr Erlebnis verbessern sollen. Wenn ein Artikel Ihr Problem nicht löst und Sie eine Frage stellen möchten, können Sie unsere Gemeinschaft über @FirefoxSupport auf Twitter, /r/firefox oder Reddit fragen.

Hilfe durchsuchen

Vorsicht vor Support-Betrug: Wir fordern Sie niemals auf, eine Telefonnummer anzurufen, eine SMS an eine Telefonnummer zu senden oder persönliche Daten preiszugeben. Bitte melden Sie verdächtige Aktivitäten über die Funktion „Missbrauch melden“.

Weitere Informationen

Firefox Lists Site as Connection Not Secure

more options

Using Firefox 99.0 (64 bit) on Windows 10 I get "connection not secure" even though the website certificate appears valid for https://primelab.io I have also tried this on my Macbook with the same result. If I use Chrome on my Macbook or Windows 10 the website says its secure. Is there a test that I can run to see whats causing https://primelab.io to come up as Connection Not Secure in Firefox?

Using Firefox 99.0 (64 bit) on Windows 10 I get "connection not secure" even though the website certificate appears valid for https://primelab.io I have also tried this on my Macbook with the same result. If I use Chrome on my Macbook or Windows 10 the website says its secure. Is there a test that I can run to see whats causing https://primelab.io to come up as Connection Not Secure in Firefox?
Angefügte Screenshots

Alle Antworten (2)

more options

Looks like parts of the website are not secure. When I have HTTPS-Only mode enabled then it comes across as secure. ( Tools -> Settings -> Privacy & Security -> HTTPS-Only Mode section. )

Looking at the source code of the page, looks like there are a couple images being loaded with HTTP protocol which is probably causing the mixed response message.

more options

The attached screenshot showing what images loaded and what the DevTools console says about the insecure images, is from my old test page: https://www.jeffersonscher.com/res/mixed-display.html. You can choose the experience you prefer:

(1) Allow mixed: load insecure display content (images) into secure pages, show the warning lock icon (default in Firefox)

(2) Load upgradable images: try upgrading http to https on display content URLs, show a broken image icon if the source site doesn't support https (default in Chrome; hidden option in Firefox)

(3) Ignore insecure images: do not attempt to load insecure display content into secure pages, show a broken image icon for those images (hidden option in Firefox)


And here's how you play with it:

(A) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future. Since we have had this setting for a long time and I use it myself, I feel comfortable mentioning it.

(B) In the search box in the page, type or paste display_content and pause while the list is filtered

Firefox should display two preferences:

  • security.mixed_content.block_display_content
  • security.mixed_content.upgrade_display_content

If you want option (1) -- Firefox default:

(C) Set the preferences as follows:

  • security.mixed_content.block_display_content => false (if needed, double-click to switch true to false)
  • security.mixed_content.upgrade_display_content => false (if needed, double-click to switch true to false)

If you want option (2) -- like Chrome:

(C) Set the preferences as follows:

  • security.mixed_content.block_display_content => either works
  • security.mixed_content.upgrade_display_content => true (double-click to switch false to true)

If you want option (3) -- obsolete now that we have option (2):

(C) Set the preferences as follows:

  • security.mixed_content.block_display_content => true (double-click to switch false to true)
  • security.mixed_content.upgrade_display_content => false (if needed, double-click to switch true to false)