HTTPS breaks on certain websites randomly
I'm on Win 7 and FF 37.0.2. I've been getting this for a while now. I've noticed it happen on google domains (google.com, gmail, youtube) and twitter.
These are my enabled addons: http://i.imgur.com/JXrGUtr.png.
I started using SSleuth and this is what it showed me when the issue happened on Twitter: http://i.imgur.com/MBgWVVe.png. Normally it's http://i.imgur.com/JFGpbRh.png.
This issue persisted across Windows installs. Maybe it was some of the Windows services I disabled affecting this?
I had the same addons (changed from ABE to uBlock) in my previous Windows install as well. I also did some modifications to the about:config, although I've gone over it a few times and nothing seems to be related to this.
The browser console (one accessed via inspect element) doesn't show any messages about insecure content being loaded.
Even if I refresh the page (with ctrl+ r) the issue stays. If I go to the url bar and hit enter then the page fully loads and the https padlock is as expected.
I don't have any anti virus/etc installed.
My system time is only 1~2 sec off according to http://time.is/.
This issue happens very rarely but it concerns me.
My user.js file (certain parts redacted) https://gist.github.com/anonymous/fad3f61bf323dabfd391
All Replies (3)
So I have two twitter tabs pinned. One breaks https and the other doesn't. I've disabled plugins+addons. When I close the browser and restart it, the tab that broke https is still breaking it whilst the other is seemingly fine. Ctrl+r-ing the tab doesn't change anything either.
Is that really the content of the user.js file and not the content of prefs.js?
Did you copy at one time the full content of a prefs.js file to user.js?
The user.js file shouldn't have all these prefs because they will be set to that state each time you start Firefox.
You should edit the user.js file and only leave prefs in it that you have set via the user interface or directly on the about:config page and you know what they are about. See also the comments in the Firefox source code:
Did you check the Domains tab in the SSleuth extension?
Did you check the certificate chain in both cases?
Are that pinned tabs or normal tabs?
Are you using a bookmark (a bookmark can include POST data)?
Did you try to close the tab(s) and recreate them (Firefox remembers the opening URL)?
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
- Click the link at the bottom of the error page: "I Understand the Risks"
- Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate"
- Click the "View" button and inspect the certificate and check who is the issuer.
You can see more details like the intermediate certificates that are used in the Details tab.