Jump to content

Recommended Posts

Posted (edited)

I just refreshed FF and it almost looks like their certificate store got corrupted. Many web sites have a

security warning

 

This was one which went away

 

Your connection is not secure

The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

 

I put the SS9 firewall back into learning mode and now get notification of new rules that should have been in

from the previous learning mode.

 

Could SS9 be causing a problem reading certificates ?

 

Just got a warning about Facebook ssl

Edited by ken1943
Posted (edited)

Is that the SSL problem ?

 

YES fixed

Edited by ken1943
Posted (edited)

There have been posts about ssl having to be turned  off in SS9. I ran into the problem yesterday. Is there a cure besides turning off ssl scanning ?

 

After I refreshed Fire Fox, I could not connect to any web sites because of different warnings. Just happened to find posts about turning off ssl in V9.

 

I just asked what the permanent fix will be..

Edited by ken1943
Posted (edited)

I use Firefox and v9 SSL enabled (automatic mode) and firewall in automatic mode with no issues. I am anxious to see if a Mod has anything to add.

Edited by TomFace
Posted (edited)

After I did the Fire Fox thing and could not get to any sites. Included in the warnings, there was something about certificates, which got me looking around here. I remembered seeing something about SSL in this forum. So, I disabled SSL

filtering and I could get to sites. At that point I asked the question here. I enabled the filter a few minutes ago and now everything seems to be working. I looked at the FF certificates, not knowing what I was looking for.

 

My only thought is that the refresh of FF downloaded was faulty and another direct download was ok. I did not know a refresh actually

downloaded a new copy and installed it. Was wondering what that was all about.

 

Who knows ? After all this is Windows ! And Windows 10 at that !

Edited by ken1943
Posted

Well I use Win 7, so it's possible the 10 "could" be the issue. Not sure.

 

Good Luck.

  • 4 weeks later...
Posted

Hi,

 

Im running Firefox 44.0.2 and the developers version of firefox, windows 10 pro insider preview Build 14279.rs1_release.160229-1700 and eset security suite 9.0.375.0 and have encoutered this problem. I reinstalled firefox recently and then was unable to view https sites. The fix according to the bug that was raised with mozilla is to turn off the ssl/tsl filtering protocol and then turn it back on again. Is this going to be fixed?

  • Administrators
Posted

Hi,

Im running Firefox 44.0.2 and the developers version of firefox, windows 10 pro insider preview Build 14279.rs1_release.160229-1700 and eset security suite 9.0.375.0 and have encoutered this problem. I reinstalled firefox recently and then was unable to view https sites. The fix according to the bug that was raised with mozilla is to turn off the ssl/tsl filtering protocol and then turn it back on again. Is this going to be fixed?

 

If disabling and re-enabling SSL/TLS scanning helps, then this is the solution. I don't think that importing the root certificate to the certificate store on every computer startup would be acceptable for our developers and all other users.

Posted

I have had this occur with my Windows 7 system, with only Firefox other browsers (IE, Chrome, Opera) all work fine.  It appears as if the Firefox profile will actually corrupt the ESET NOD32 installation.  The way to fix this is:

1. Uninstall NOD32 completely including system restart
2. Create a new Firefox profile
3. Install NOD32 again
4. Firefox should work again ... at least it did for me.


Here is what happens (I have reproduced this exact scenario twice just to make sure because it blew my mind).

- open Firefox using "Profile1"
- you will get the message "Your connection is not secure" ... blah blah blah
- shut down Firefox
- startup Firefox using a completely clean profile "Profile2"
   -- this can be even a fresh install of Firefox with a fresh profile, doesn't matter
- you will get the message "Your connection is not secure"
- try using a fresh install of FirefoxPortable
- you will get the message "Your connection is not secure"
- going into NOD32 and disabling web scanning does not do anything to help
- at this point Chrome and IE (or even Opera) will work fine
- now uninstall NOD32 completely and restart the system
- create a clean Firefox profile "Profile3"
- Firefox "Profile3" will work fine
- Firefox "Profile1" will work fine as well
- re-install NOD32
- the newest Firefox profile "Profile3" should work properly still
- the FirefoxPortable profile should work fine as well

- ... now here's the kicker ...
- restart Firefox using the old 'bad' profile "Proflie1"
- NOD32 will start blocking all Firefox traffic for any Firefox profile or installation, even newly created ones such as "Profile4"
- FirefoxPortable will now have the "Your connection is not secure" message again
- uninstall NOD32
- now all Firefox profiles will work again
- re-install NOD32
- all Firefox profiles EXCEPT "Profile1" will work again
- if you startup Firefox "Profile1" it will corrupt the ESET NOD32 installation and you will have to uninstall NOD32 and start all over again

Really, this actually happens.  I had to repeat it twice because I didn't believe it.  I'm a Senior Software Engineer at a highly secure multinational financial firm so I'm no shmo off the street poking around with this stuff.  It seems as if NOD32 flags Firefox for something in the offending Profile1 (only has 4 basic plugins installed and they work on the new profiles as well) but nothing shows up in the logs or gets flagged to the user about this .exe being blocked.  Very interesting bug, that's for sure.

  • Administrators
Posted

1, When using a portable browser, you need to import the root certificate manually as the browser is not registered in the registry.

2, If profiles.ini contains a reference to a non-existing profile, the root certificate won't be imported automatically (this will be fixed in future versions).

 

So basically what should help is deleting Firefox profiles and creating a new one from scratch. Then do the following:

- close all browsers and email clients (make sure that no such process is running in the Task manager). Alternatively you can restart the computer and not launch any application.

- disable SSL/TLS scanning and click OK

- re-enable SSL/TLS scanning and click OK

- launch Firefox.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...