http websites wont work with windows 10
Basically a lot of websites wont work on my firefox with windows 10, such as google, youtube, twitter and facebook, the error i get is:
This Connection is Untrusted
You have asked Firefox to connect securely to www.youtube.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
Chosen solution
curtcurt said
its Microsoft Family Safety
If you do not need those parental controls, you can turn off that feature.
If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.)
Read this answer in context 👍 2All Replies (9)
https://support.mozilla.org/en-US/kb/server-not-found-connection-problem
https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
http://kb.mozillazine.org/Error_loading_websites
This Connection is Untrusted is sometimes caused because the computer system clock is wrong. Check the time / date / time zone settings.
If you can't inspect the certificate via "I Understand the Risks" then try this:
Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field type/paste the URL of the website
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate.
In addition to the system date, time, and time zone, a common reason for this problem is your security software. If it filters your web connections, it typically needs to present "fake" certificates to Firefox in order to be able to decrypt and scan secure communications.
If you use Avast, Bitdefender, ESET or Kaspersky, when you check the certificates the way cor-el explained, you should see your security software in the "Issued by" section. If you see a pattern of something or someone else being listed there, that could indicate malware.
cor-el said
If you can't inspect the certificate via "I Understand the Risks" then try this: Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:In the location field type/paste the URL of the website
- chrome://pippki/content/exceptionDialog.xul
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate.
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
its Microsoft Family Safety
Chosen Solution
curtcurt said
its Microsoft Family Safety
If you do not need those parental controls, you can turn off that feature.
If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.)
jscher2000 said
curtcurt saidits Microsoft Family SafetyIf you do not need those parental controls, you can turn off that feature.
If you do need parental controls, you probably need to import a certificate so that Firefox will trust Microsoft Family Safety. (I would need to look up the details in a past thread.)
Yeah i took it off and everythings good now, thanks for the help everyone
Hello,
I am glad to hear that your problem has been resolved. If you haven't already, please select the answer that solves the problem. This will help other users with similar problems find the solution more easily.
Thank you for contacting Mozilla Support.
I had this problem too after upgrading to Win10Pro. (Everything was working under Win7Pro.) I'm pretty sure it wasn't a Microsoft Family Safety issue. But after looking at other posts (cor-el, jsher2000), and tracking down the CA chain for the certificates that failed, I found that a Bitdefender certificate was at the root, that was in Win10's cert store, but not in Firefox's. Exporting the Bitdefender cert from Win10 and importing to FF fixed the problem. Since I am using Bitdefender, jsher2000's description that security software like Bitdefender create their own fake certs so they can inspect the packets seems to partly explain this. What I don't understand is why it stopped working when upgrading to Win10. Did the Win10 installer invade FF's cert store and remove just the Bitdefender cert? (A possibility, if MS knows it's used to create fake certs and wants to protect against fakes, but I doubt it. The Win10 installer removed at least one of my programs, which I guess MS knows was incompatible with Win10.) Did FF used to look into Win7's cert store if it didn't find a cert in it's own cert store, and upgrading to Win10 confused FF as to where to find the Windows certs? Or did Bitdefender suddenly start using a new CA cert and neglected putting it into FF's store? (Bitdefender did insist on upgrading immediately after Win10 was installed.) If it's the 2nd option, could there be more problems with other certs? This also has me concerned -- if Bitdefender can inject itself into the store of certs in such a way that it becomes the "man in the middle", what's stopping some malware from doing the same? Also, I don't see Bitdefender as the root CA for every website I visit, so why does Bitdefender intervene with some websites, and not others? Also, I thought the whole idea how CAs are chained was supposed to make "man in the middle" impossible. But it's not impossible if you can get the browser to trust the fake certs.
Hi creigsmith, I think when BitDefender updated it changed its signing certificate, so the certificate previously stored by Firefox was obsolete and the trust relationship was broken until you imported the new certificate. I think that also is happening with Avast users upgrading to Windows 10.
Apparently the installers do update the Windows certificate store immediately so that Edge and IE and Chrome (which uses the system certificate store) can work with the new certificate transparently, but there seems to be the occasional delay or failure in updating Firefox's separate certificate store.
This also has me concerned -- if Bitdefender can inject itself into the store of certs in such a way that it becomes the "man in the middle", what's stopping some malware from doing the same?
Good question. Yes, any software that can execute on your system with a sufficient level of privileges has a good chance of being able to insert certificates into those files. It's a good reason to exercise caution when adding software to the computer, particularly in an age where "free" software often is bundled with lots of, um, garbage.
Also, I don't see Bitdefender as the root CA for every website I visit, so why does Bitdefender intervene with some websites, and not others?
I don't have any personal experience with BitDefender, but unless this feature is site-specific, I would expect it to be monitoring all traffic (evident with HTTPS traffic, invisibly with HTTP traffic).