MUST be able to connect in spite of "site uses HTTP Strict Transport Security (HSTS)"
FF MUST FIND A WORKAROUND FOR THIS ERROR: "The owner of www.xxxxx.blogspot.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."
Absolutely not acceptable that FF prevents a user from doing what he desires to do. I'm not using any 3rd party security stuff that would demand certificates.
Maybe the blog owner has created his page using some code that conflicts with the higher doman, but there is no way to TELL him since I can't see the page... It is up to FF to somehow workaround this so that I, the USER, can control my tool. An uncontrollable tool is at best useless & at worst dangerous
Chosen solution
VerizonSucks said
I played with turning HTTPS Everywhere on & off... it noticed that the option to "turn it off for this site" has no effect either -- when I Reload the same FireFox blocking comes up.
Turning it off would let you use HTTP instead of HTTPS on the address. But you need to do the edit yourself.
Read this answer in context 👍 0All Replies (10)
Please update to Firefox 66.0.5 and let us know if you still have issues.
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.
https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites
https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
Websites don't load - troubleshoot and fix error messages
http://kb.mozillazine.org/Error_loading_websites
What do the security warning codes mean
- MOZILLA_PKIX_ERROR_MITM_DETECTED
- uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
- configured their website improperly
How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
Hi VerizonSucks, do you use HTTPS Everywhere or a similar extension that upgrades HTTP to HTTPS?
I think there is an error in the link. Try it without the www.
in the URL.
When you do not use HTTPS, the www subdomain is redirected to a URL without www.
However, when you use HTTPS, there is a certificate error because Google's global certificate covers:
*.blogspot.com
but not
*.*.blogspot.com
(not sure that would be legal?).
So the redirect fails because a non-matching certificate is sent back.
But this problem should not arise if you use the official URL of this Blogspot site instead of one with an extra www on the front.
Modified
I do use HTTPS Everywhere, but I disabled it.
The address in the URL bar is https://www.xxxx.blogspot.com/ of course the xxxx is redacted for privacy.
I played with turning HTTPS Everywhere on & off... it noticed that the option to "turn it off for this site" has no effect either -- when I Reload the same FireFox blocking comes up.
I'm on the FF Ver 60.6.3 esr which is the latest esr. I'm running OSX 10.11.16 El Capitan.
Removing the www makes the site load. That's weird... since when do URLs function without being prefixed by www?
VerizonSucks said
Removing the www makes the site load. That's weird... since when do URLs function without being prefixed by www?
It's not that weird; Twitter doesn't use www. Sites like mail.yahoo.com do not use www.
The problem here is there is a redirect on the www address that works on HTTP, but it can't work on HTTPS because the certificate on the redirector doesn't match the individual sites.
Chosen Solution
VerizonSucks said
I played with turning HTTPS Everywhere on & off... it noticed that the option to "turn it off for this site" has no effect either -- when I Reload the same FireFox blocking comes up.
Turning it off would let you use HTTP instead of HTTPS on the address. But you need to do the edit yourself.
So a general solution is to see if removing (or maybe adding) the www makes the site work.
The FF error msg ought to give hints like that.
VerizonSucks said
So a general solution is to see if removing (or maybe adding) the www makes the site work. The FF error msg ought to give hints like that.
Firefox doesn't usually suggest that you have the wrong address unless there is no response from the server or the server says the page was not found. If you are using a link you found in search results or got from the site, usually it's a good address.
This address is embededded in a blog in the "other blogs I follow" section. Probably dates back to before HTTPS existed.