This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

HSTS in firefox 58 is blocking 90% of websites, Why?

  • 2 replies
  • 1 has this problem
  • 1 view
  • Last reply by oldpaul101

more options

This automatic addition of HSTS security in 58.0.1 is ridiculous! It has broken most web pages, even Mozilla support and google.com! The BBC news page is shorn of all graphics and trials with earlier versions don't seem to have succeeded . Google.com says: Your connection is not secure

The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…

Report errors like this to help Mozilla identify and block malicious sites' The advanced button just gives: www.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER. There is no button to give an exception . I'm running 57.0.4 in our other system and that seems to work better (Same Win10 but on Core i5) On this brand new AMDA6 7th Gen Win10 Lenovo running 1709 (Build 16299.192) I'm using IE to send this! I'll be installing 57.0.4 shortly to see if it fixed it. BTW the Add Images is broken. I've taken two screen shots and it won't send them. Just circles without end! I shall be looking for a ver 59 ASAP

This automatic addition of HSTS security in 58.0.1 is ridiculous! It has broken most web pages, even Mozilla support and google.com! The BBC news page is shorn of all graphics and trials with earlier versions don't seem to have succeeded . Google.com says: Your connection is not secure The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate. Learn more… Report errors like this to help Mozilla identify and block malicious sites' The advanced button just gives: www.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER. There is no button to give an exception . I'm running 57.0.4 in our other system and that seems to work better (Same Win10 but on Core i5) On this brand new AMDA6 7th Gen Win10 Lenovo running 1709 (Build 16299.192) I'm using IE to send this! I'll be installing 57.0.4 shortly to see if it fixed it. BTW the Add Images is broken. I've taken two screen shots and it won't send them. Just circles without end! I shall be looking for a ver 59 ASAP

Chosen solution

hi, probably some software on your system is intercepting secure connections - please see How to troubleshoot security error codes on secure websites for common solutions for this.

Read this answer in context 👍 0

All Replies (2)

more options

Chosen Solution

hi, probably some software on your system is intercepting secure connections - please see How to troubleshoot security error codes on secure websites for common solutions for this.

more options

I'm running Kaspersky Total Security which has a different layout to the old V16. You have to go via Settings (the cog), select Additional, select Network Settings to find the Encrypted connection Setting! Setting it to Do Not Scan makes 59.0.1 work but I loose FIVE security functions: Safe Money, URL Advisor, Parental Control, Private Browsing and Anti Banner. I have used three of these and I shall be sad to loose them, Safe Money, Private browsing and anti banner. Anyway probably at the end of my licence period I shall be changing to another product after the scare with Kaspersky. Shame it has worked well for me for 5 years at least.