This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Every website returns "Your connection is not secure"

more options

I'm on a mac running OS 10.10.3 and just installed Firefox 47.0.1. However, I am unable to connect to any website but receive

"Your connection is not secure

The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate."

This is the same message I receive for every website, including Mozilla. I have been unable to find a workaround and so far this has made the entire browser useless. It is only effecting Firefox, as Chrome and Safari are working perfectly fine.

I'm on a mac running OS 10.10.3 and just installed Firefox 47.0.1. However, I am unable to connect to any website but receive "Your connection is not secure The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate." This is the same message I receive for every website, including Mozilla. I have been unable to find a workaround and so far this has made the entire browser useless. It is only effecting Firefox, as Chrome and Safari are working perfectly fine.

Isisombulu esikhethiweyo

When you get this for pretty much all secure sites, the problem usually is one of the following:

(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.

(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites.

If you have any of those specific security products: check this support article: How to troubleshoot security error codes on secure websites.

(3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: http://windows.microsoft.com/en-us/wi.../turn-off-microsoft-family-settings)

(4) Malware on your system intercepting secure connections.


If none of those ring a bell:

You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:

Load my test page at: https://jeffersonscher.com/res/jstest.php

You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

Funda le mpendulo kwimeko leyo 👍 24

All Replies (4)

more options

Isisombululo esiKhethiweyo

When you get this for pretty much all secure sites, the problem usually is one of the following:

(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.

(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites.

If you have any of those specific security products: check this support article: How to troubleshoot security error codes on secure websites.

(3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: http://windows.microsoft.com/en-us/wi.../turn-off-microsoft-family-settings)

(4) Malware on your system intercepting secure connections.


If none of those ring a bell:

You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:

Load my test page at: https://jeffersonscher.com/res/jstest.php

You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button.

Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, and the certificate exception dialog should open.

Click the View button. If View is not enabled, try the Get Certificate button first.

This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.

more options

jscher2000 said

(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites. If you have any of those specific security products: check this support article: How to troubleshoot security error codes on secure websites.

This was my solution, I have Avast and disabling "Scan secure connections" in the web shield worked for me. However just disabling "Scan secure connections from browsers only" does not work.

more options

jscher2000:- The solutions you have suggested wont help with any user whom use this tool behind proxy or not an administrator; this issue has push us away from your product. any alternative solution that can do on the client site?

more options

Hi zikus, what proxy is it? You can set up Firefox to trust a proxy or other "man in the middle" by importing its signing certificate. For example, see: sec_error_bad_signature only via proxy for https website. Please start a new question for individual assistance with business products.