為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Firefox does not work correctly with KAV 2017

more options

After installing KAV 2017 Firefox blocks many sites by unknown reasons, e.g. "your connection is not secure. The ownere of mykaspersky.comhas configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. The site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate." This happens with many other websites, e.g. Visa, Amex etc. Absolute nonsens. Solution known ?

After installing KAV 2017 Firefox blocks many sites by unknown reasons, e.g. "your connection is not secure. The ownere of mykaspersky.comhas configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. The site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate." This happens with many other websites, e.g. Visa, Amex etc. Absolute nonsens. Solution known ?

被選擇的解決方法

WernerP said

After installing KAV 2017 I did what is recommended, I installed the certificate (Kaspersky).

And that did not work? If you did not remove the authority certificate for the old version of Kaspersky, please try that in addition to importing the new certificate. Here's how:

Open Firefox's Certificate Manager:

"3-bar" menu button (or Tools menu) > Options

In the left column, click Advanced

On the right side, make sure the Certificates mini-tab is selected and then click the View Certificates button

In the Certificate Manager dialog, click the "Authorities" mini-tab (not the Personal or Servers mini-tab, which might initially be displayed by default)

If you see an existing "Kaspersky Anti-Virus Personal Root Certificate"

  • Select it and Click "Delete or Distrust" -- I'm not sure how to recognize the older vs. the newer one, but if you view the certificate, the newer one likely has a later expiration date

If you end up deleting all of them, you can re-import the newer one using the steps you used before.

If you can't find the newer certificate there, you could try importing it manually. These steps are from an older Kaspersky Forums post:

In the Certificate Manager, while viewing the Authorities tab, click "Import..."

Proceed to "C:\ProgramData\Kaspersky Lab\program-folder\Data\Cert\" either:

Windows XP: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP 17.00\Data\Cert

Later Windows: [To be determined]

Select "(fake)Kaspersky Anti-Virus Personal Root Certificate.cer" and Open! (This is the name the file had in the past. Has it changed?)

Set Firefox to trust that certificate for websites, and ignore the other two options.

從原來的回覆中察看解決方案 👍 2

所有回覆 (17)

more options

hi WernerP, yes - please refer to the section about kaspersky at How to troubleshoot security error codes on secure websites

more options

thanks a lot, philipp. But the link you sent me refers to KAV 2016, and this is working perfectly with Firefox. After installing KAV 2017 I did what is recommended, I installed the certificate (Kaspersky). I refuse to use the other - maybe - solution, because this would reduce my security. I think that the team of firefox makes too many updates and they are not on time with new software of Kaspersky. I am open to try other solutions, or to wait or to remove firefox

more options

選擇的解決方法

WernerP said

After installing KAV 2017 I did what is recommended, I installed the certificate (Kaspersky).

And that did not work? If you did not remove the authority certificate for the old version of Kaspersky, please try that in addition to importing the new certificate. Here's how:

Open Firefox's Certificate Manager:

"3-bar" menu button (or Tools menu) > Options

In the left column, click Advanced

On the right side, make sure the Certificates mini-tab is selected and then click the View Certificates button

In the Certificate Manager dialog, click the "Authorities" mini-tab (not the Personal or Servers mini-tab, which might initially be displayed by default)

If you see an existing "Kaspersky Anti-Virus Personal Root Certificate"

  • Select it and Click "Delete or Distrust" -- I'm not sure how to recognize the older vs. the newer one, but if you view the certificate, the newer one likely has a later expiration date

If you end up deleting all of them, you can re-import the newer one using the steps you used before.

If you can't find the newer certificate there, you could try importing it manually. These steps are from an older Kaspersky Forums post:

In the Certificate Manager, while viewing the Authorities tab, click "Import..."

Proceed to "C:\ProgramData\Kaspersky Lab\program-folder\Data\Cert\" either:

Windows XP: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP 17.00\Data\Cert

Later Windows: [To be determined]

Select "(fake)Kaspersky Anti-Virus Personal Root Certificate.cer" and Open! (This is the name the file had in the past. Has it changed?)

Set Firefox to trust that certificate for websites, and ignore the other two options.

由 jscher2000 - Support Volunteer 於 修改

more options

jscher2000 thank you very much for your advice. I will probably try it out. The core of the problem is that a user who works with browsers and AV software has to rely on those. More or less complicated solutions mean that the producers of these programs made something not perfect. For me, Kaspersky is more important that Firefox. therefore I am rather ready to remove firefox than Kaspersky. Well, I got also some advices from Kaspersky customer service, as soon as possible I will try out. For this, I have to make a system backup and if necessary a system recovery. I do not leave the trash of installations on my system. I will inform you about an success.

more options

It is due to Kaspersky and other antivirus clients inserting its own certificate (that is set in client by default) in their attempts to try and keep you safe but instead is causing secure connection issues like this. This over the last couple years has been making people blame insert versions of Firefox when it really was not a Firefox problem on Windows.

more options

james, your answer is interesting but not a solution for me. If in the future Firefox will not cooperate with kaspersky, I will never quit Kaspersky, in my opinion the best AV software worldwide, but firefox

more options

here you can read how the feature of the in your opinion "best AV software worldwide" that breaks firefox makes you actually less secure: https://blog.hboeck.de/archives/869-How-Kaspersky-makes-you-vulnerable-to-the-FREAK-attack-and-other-ways-Antivirus-software-lowers-your-HTTPS-security.html

more options

philipp, my object is not a discussion about Kaspersky, especially not using a blog of a German user. Thanks for your understanding

more options

http://www.securityweek.com/antivirus-software-has-negative-impact-https-security-researcher

Point is Kaspersky is the cause of the secure connection issues and can make you vulnerable if you have the feature enabled.

more options

james, your posting is not helpful for my question. I did not post it for a discussion about Kaspersky. BTW: I know Norton, I know Mc Afee and I prefer Kaspersky. Hopefully your answer is not part of the cold war opened by some politicians to slander Russian enterprises.

more options

jscher200, I am sorry to inform you that your advises refer to an older version of Kaspersky.

more options

WernerP said

jscher200, I am sorry to inform you that your advises refer to an older version of Kaspersky.

I'm not going to buy Kaspersky to learn the old certificate name and new folder path, so I asked you to help us with that information. If you cannot, please try Kaspersky's forums.

more options

Well, I did not find a folder in Kaspersky Lab with certificates. I am sorry for not being helpful. Of course I am in contact with Kaspersky support. Thank you anyway

more options

jscher2000, your first advice was correct. To import manually the Kaspersky certificate is the solution. Thanks a lot !

more options

Hi WernerP, where did you find the certificate in the new version? Or did you need to either export it from IE or download it from Kaspersky?

more options

jscher2000, the certificate is found in documents and settings/all users/application data/Kaspersky Lab/AVP 17.00/Data/Cert

more options

Thanks, I'll add that to my earlier post!