Certificate Issue With Outlook
I have a Windows 7 laptop and Firefox was updated yesterday 30/03/18 to version 59.0.2 (32 Bit).
When I go onto Outlook.com the green padlock changes to amber and displays a message "Outlook.Live.com is not secure". This changed a few updates ago and has not been corrected with recent updates. Up to the change both Firefox and Outlook were working as expected.
Looking at the Firefox "More Information" tab (top left) and then the right arrow on "Support.mozilla.org" and "More Information" under the "General" tab, I get:
Address: https://outlook.live.com/owa/?path=/mail/inbox Referring URL: https://login.live.com
Under the "Security" tab
Verified by: not specified
Comparing this with another laptop running Windows Vista with Firefox version 52.7.3 - the only difference that I can see is that the "address" and "Referring URL" are slightly different and swopped about.
Address: https://outlook.live.com/owa Referring URL: https://login.live.com/ppsecure............................6......6....L.......................etc etc
Under the "Security" tab Verified by: DigiCert Inc
The DigiCert certificates are the same on both laptops.
Will changing the "address" and "Referring URL" field contents solve the problem as each machine seems to be referencing different URL's.
How do I change the contents of the "address" and "Referring URL"?
Or are I barking up the wrong tree?
Wšykne wótegrona (8)
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.
https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites
https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
http://kb.mozillazine.org/Error_loading_websites
https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean
Thanks for the info.
The certificate looks identical between both laptops it just looks like the Win7 laptop is looking at the wrong URL's.
Is it possible to edit the fields in the Firefox "More Information" tab (top left) and then the right arrow/"Support.mozilla.org"/"More Information"/"General" tab to point to the same URL's. Is the info in the registry?
If you use a bookmark then navigate to the web page starting with the main page or the sign in page in case there is a problem with this bookmark.
You can check the connection settings.
- Options/Preferences -> General -> Network: Connection -> Settings
If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.
See "Firefox connection settings":
Try these steps to inspect the certificate.
- open the Server tab in the Certificate Manager
- Options/Preferences -> Privacy & Security -> Certificates: View Certificates -> Servers: "Add Exception"
- paste the URL of the website (https://xxx.xxx) in it's location field.
Let Firefox retrieve the certificate -> "Get Certificate"
- click the "View" button and inspect the certificate
You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.
Certificate Manager/Servers There are 2 active exceptions on both the Vista and Win7 laptops Both say "Could not verify this certificate because it is not trusted" they are: DigiNotar Root CA DigiNotar PKIoverheid CA Organisatie - G2.
Certificate Authorities There are very many certificate listed.
The Vista laptop under Security shows DigiCert Cloud Services CA-1 and under the Certificate Hierarchy shows Outlook.live.com whereas the Win7 doesn't show Outlook under the Certificate Hierarchy.
Is the DigiCert or Outlook certificate corrupt?
Did you try to inspect the certificate via the steps I posted above?
Then we can see if the issuer is wrong.
You can also try to rename/remove cert9.db and cert8.db to see if that has effect.\
You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.
- Help -> Troubleshooting Information -> Profile Directory:
Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder - http://kb.mozillazine.org/Profile_folder_-_Firefox
RosmaryCrackers said
When I go onto Outlook.com the green padlock changes to amber and displays a message "Outlook.Live.com is not secure".
The entire lock changes color? Or you get a gray lock with an amber-colored warning triangle on it like the second image here:
<center> </center>That icon indicates mixed content in the page. For example, if someone sent you a message and embedded images on an HTTP address instead of an HTTPS address. Firefox will still retrieve the image but flag the issue with the warning lock icon.
cor-el & jscher2000
I think I was getting confused about what I was asking.
The scenario I have is as follows:
I open Firefox browser and the padlock is green.
I open the web based Outlook and the sign in and the padlock is still green.
In Outlook Inbox I open an email without mixed content and the padlock stays green and under the "site information" Outlook.Live.com I have a secure connection. I then close the email.
In Outlook Inbox I open an email WITH mixed content and the padlock turns grey with an amber triangle and now I have under the "site information" Outlook.Live.com a "connection is not secure". I then close the email.
If I then open up the previous email without mixed content again the padlock stays grey with the amber triangle and doesn't return to a green padlock and under the "site information" Outlook.Live.com a "connection is not secure".
The only way to get the green padlock back again is to close Outlook and re-sign in and only open emails without mixed content.
Is this the normal firefox operation? Should the padlock colour not toggle dependant on the email content?
Are the emails after opening a mixed content email still encrypted and safe?
I have to admit that I hadn't noticed the change of padlock colour in outlook as I'd naively always assumed that emails were secure.
Outlook might not remove the mixed content when you close a message. Unless you see the page reloading, it could just be hidden.
You could try one of these actions instead of completely signing out if they are faster for you:
- reload the Inbox in the current tab bypassing the cache (Shift+click the reload button, or press Ctrl+Shift+r)
- open the Inbox in a new tab by clicking in the address bar and pressing Alt+Enter (the new tab should have a green lock); then you can close the old tab