how do I prefer http, as a default, vs https?
This may seem like an odd request but I am on a work computer and, when browsing, any attempt at using https results in the "this page is not secure" warning which is fine. I think it has something to do with my employer's network settings.
My problem is, the warning is popping up for a very large proportion of websites: even when I do a simple duckduckgo.com search using the search bar it tries to do https and therefore gives me a security warning. I get around it by deleting the s from https in the address bar and then the search works fine. Doing this for every search, as well as other websites, however, is starting to drive me crazy. I acknowledge I don't have a secure connection, is there any way I can just browse using http the old fashion way without getting warnings every time I try to go to a website? I don't have this problem when using the search bar for Google or Wikipedia.
All Replies (5)
Which security software (firewall, anti-virus) do you have?
ESET has been reported to cause such issues by scanning secure connections.
I think it is running Symnatec Endpoint Protection. I never thought of security software causing this problem; do you think this issue could be solved by reconfiguring Symnatec's software?
could you post the error code that is shown when you click on the "technical details" section of the website.
also when there is a section "i understand the risks". please click on "add exception" > "view..." - what common name & organisation is the certificate issued by?
Technical Details:
duckduckgo.com uses an invalid security certificate.
The certificate is not trusted because no issuer chain was provided.
(Error code: sec_error_unknown_issuer)
The certificate is issued by Zscalar, who handles the organization's internet security. I understand the necessity for internet monitoring at work but getting security warnings so frequently as a result is really slowing me down. I hope this information helps, thank you very much for your assistance.
hello, is it possible to add a permanent exception for the zscalar-certificate (in case you're convinced that it is of ggod nature and part of your organizations security solution) when you click on "i understand the risks" on a error page?
in case this doesn't work, you'd probably have to contact the it-department and ask them to implement the valid root certificate of this zscalar-thingy into the firefox certificate store in order for the error messages to go away or to disable the module that scans ssl traffic.