This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Caută ajutor

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Află mai multe

Acest fir de discuție a fost arhivat. Adresează o întrebare nouă dacă ai nevoie de ajutor.

Firefox Lists Site as Connection Not Secure

more options

Using Firefox 99.0 (64 bit) on Windows 10 I get "connection not secure" even though the website certificate appears valid for https://primelab.io I have also tried this on my Macbook with the same result. If I use Chrome on my Macbook or Windows 10 the website says its secure. Is there a test that I can run to see whats causing https://primelab.io to come up as Connection Not Secure in Firefox?

Using Firefox 99.0 (64 bit) on Windows 10 I get "connection not secure" even though the website certificate appears valid for https://primelab.io I have also tried this on my Macbook with the same result. If I use Chrome on my Macbook or Windows 10 the website says its secure. Is there a test that I can run to see whats causing https://primelab.io to come up as Connection Not Secure in Firefox?
Capturi de ecran atașate

Toate răspunsurile (2)

more options

Looks like parts of the website are not secure. When I have HTTPS-Only mode enabled then it comes across as secure. ( Tools -> Settings -> Privacy & Security -> HTTPS-Only Mode section. )

Looking at the source code of the page, looks like there are a couple images being loaded with HTTP protocol which is probably causing the mixed response message.

more options

The attached screenshot showing what images loaded and what the DevTools console says about the insecure images, is from my old test page: https://www.jeffersonscher.com/res/mixed-display.html. You can choose the experience you prefer:

(1) Allow mixed: load insecure display content (images) into secure pages, show the warning lock icon (default in Firefox)

(2) Load upgradable images: try upgrading http to https on display content URLs, show a broken image icon if the source site doesn't support https (default in Chrome; hidden option in Firefox)

(3) Ignore insecure images: do not attempt to load insecure display content into secure pages, show a broken image icon for those images (hidden option in Firefox)


And here's how you play with it:

(A) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future. Since we have had this setting for a long time and I use it myself, I feel comfortable mentioning it.

(B) In the search box in the page, type or paste display_content and pause while the list is filtered

Firefox should display two preferences:

  • security.mixed_content.block_display_content
  • security.mixed_content.upgrade_display_content

If you want option (1) -- Firefox default:

(C) Set the preferences as follows:

  • security.mixed_content.block_display_content => false (if needed, double-click to switch true to false)
  • security.mixed_content.upgrade_display_content => false (if needed, double-click to switch true to false)

If you want option (2) -- like Chrome:

(C) Set the preferences as follows:

  • security.mixed_content.block_display_content => either works
  • security.mixed_content.upgrade_display_content => true (double-click to switch false to true)

If you want option (3) -- obsolete now that we have option (2):

(C) Set the preferences as follows:

  • security.mixed_content.block_display_content => true (double-click to switch false to true)
  • security.mixed_content.upgrade_display_content => false (if needed, double-click to switch true to false)