为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

i found one solution for firefox certificate problems

more options

When trying to go to websites using Firefox,i kept getting a message saying there was a problem with a certificate. So i went to Advanced and clicked on Add Exception. This worked for some websites but not others because some did not have the option to "Add Exception" . I even got the certificate problem with the Firefox and the Wikipedia sites, i think. This problem may have come about because i first started to have a problem a few days ago with a redirect popup when clicking on websites which said to purchase a File Converter. To try to stop this redirect popup, i tried Zemana, then Malwarebytes. After trying Malwarebytes, i think this is when the problem of certificates began. Also, many times a Malwarebytes message came up saying that an outbound trojan had been blocked. Microsoft Edge and Google Chrome did not have the certificate problem, but did have the message about the outbound trojan. I read several articles on the Firefox Support for the certificate problem and the Malwarebytes site about the outbound trojan. But so far the only thing that got rid of the certificate and outbound trojan problems was when i tried Hitman Pro yesterday.

When trying to go to websites using Firefox,i kept getting a message saying there was a problem with a certificate. So i went to Advanced and clicked on Add Exception. This worked for some websites but not others because some did not have the option to "Add Exception" . I even got the certificate problem with the Firefox and the Wikipedia sites, i think. This problem may have come about because i first started to have a problem a few days ago with a redirect popup when clicking on websites which said to purchase a File Converter. To try to stop this redirect popup, i tried Zemana, then Malwarebytes. After trying Malwarebytes, i think this is when the problem of certificates began. Also, many times a Malwarebytes message came up saying that an outbound trojan had been blocked. Microsoft Edge and Google Chrome did not have the certificate problem, but did have the message about the outbound trojan. I read several articles on the Firefox Support for the certificate problem and the Malwarebytes site about the outbound trojan. But so far the only thing that got rid of the certificate and outbound trojan problems was when i tried Hitman Pro yesterday.

所有回复 (4)

more options

Edit: Before trying Hitman Pro, i uninstalled Malwarebytes. The Hitman also got rid of the redirect popups, so far.

由craig22于修改

more options

Hi craig22, it sounds like you were able to chase off a "man in the middle" that was intercepting your browsing. All good now??

For future reference, you should never need to create exceptions for well-run sites. Getting a certificate error for such sites (unless it's a matter of a certificate expiring, which happens) should ring alarm bells for you.

One possible reason for the difference between browsers is that malware will inject a certificate into the Windows system certificate store, which fools IE and Chrome, but not into Firefox's separate certificate store. So Firefox is not fooled and throws up errors for every HTTPS site.

Now, was the man in the middle security software, or malware? We don't know; now that it's gone, we can't go back and figure that out.

I think at this point, if you were doing any browsing on sensitive sites while the (unknown) man in the middle was installed, you should change your passwords for those sites since it's hard to know what it was doing with the information on the pages it intercepted during that time.

Also, I suggest removing the exceptions you added in Firefox:

  • Windows: "3-bar" menu button (or Tools menu) > Options
  • Mac: "3-bar" menu button (or Firefox menu) > Preferences
  • Linux: "3-bar" menu button (or Edit menu) > Preferences
  • Any system: type or paste about:preferences into the address bar and press Enter/Return to load it

In the search box at the top of the page, type cert and Firefox should filter to the "View Certificates" button, which you can click.

The Servers tab would have any exceptions you saved. You can spot them by the site name in the Server column. Don't remove the ones with *, those are special blocking entries for distrusted certificates.

more options

You can check if there is more detail available about the issuer of the certificate.

  • click the "Advanced" button show more detail
  • click the blue error text (SEC_ERROR_UNKNOWN_ISSUER) to show the certificate chain
  • click "Copy text to clipboard" and paste the base64 certificate chain text in a reply

If clicking the blue error text doesn't provide the certificate chain then try these steps to inspect the certificate.

  • open the Servers tab in the Certificate Manager
    • Options/Preferences -> Privacy & Security
      Certificates: View Certificates -> Servers: "Add Exception"
  • paste the URL of the website (https://xxx.xxx) in it's Location field

Let Firefox retrieve the certificate -> "Get Certificate"

  • click the "View" button and inspect the certificate

You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.

more options

You know, cor-el's post reminded me that the exceptions you already saved to the Servers tab of the Certificate Manager could be checked for the "Issuer" to see whether that identifies the man in the middle. Sorry for not thinking of that before.