Keep getting "This connection is untrusted" for numerous frequent websites, including Mozilla website
This has only started today and is not happening on the other version of Firefox that is synced on another computer. I have just tried the Mozilla website and it is accessible although just as script. I have downloaded AdwCleaner and have run it, it deleted numerous files, but no change to the "This connection is untrusted" notice. One of the websites I have been to on a regular basis uses a certificate from "thawte DV SSL CA - G2", on one computer this is untrusted and on the other is okay.
Wubrane rozwězanje
Try to rename the cert8.db file (cert8.db.old) and delete the cert_override.txt file in the Firefox profile folder to remove intermediate certificates and exceptions that Firefox has stored.
If that has helped to solve the problem then you can remove the renamed cert8.db.old file. Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previously stored intermediate certificates. Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.
You can use this button to go to the current Firefox profile folder:
- Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
- http://kb.mozillazine.org/Profile_folder_-_Firefox
Boot the computer in Windows Safe Mode with network support (press F8 on the boot screen) to see if that helps.
- http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
- http://www.7tutorials.com/4-ways-boot-safe-mode-windows-10
Wšykne wótegrona (5)
You can check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
There is security software like Avast and Kaspersky and BitDefender and ESET that intercept secure connections and send their own certificate.
If you can't inspect the certificate via "I Understand the Risks" then try this:
Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field of this window type or paste the URL of the website.
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate. If necessary then you can attach a screenshot that shows the certificate viewer.
I checked the time and date and they were correct, I do use Kaspersky Total Security as anti virus and firewall protection, I did inspect the Certificate Viewer before and that is how I identified the issuer as "thawte DV SSL CA - GA". I'm unable to do a screen shot as I'm using a different computer and don't want to risk infecting it. I did use Google Chrome earlier to post this question and it was working fine, but when I tried to go into it just now it was blocking me from accessing secure urls.
Wubrane rozwězanje
Try to rename the cert8.db file (cert8.db.old) and delete the cert_override.txt file in the Firefox profile folder to remove intermediate certificates and exceptions that Firefox has stored.
If that has helped to solve the problem then you can remove the renamed cert8.db.old file. Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previously stored intermediate certificates. Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.
You can use this button to go to the current Firefox profile folder:
- Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
- http://kb.mozillazine.org/Profile_folder_-_Firefox
Boot the computer in Windows Safe Mode with network support (press F8 on the boot screen) to see if that helps.
Thank you cor-el. I used your first suggestion of renaming the cert file and deleting the cert override file, it seems to have solved the problem on the websites that I was getting the unsafe messages. One query I have is do I need to copy the old file or can I just leave it as it is? Also I noticed that the cert override file hasn't reappeared, is this usual.
Wót MarkZim
If the new cert8.db that Firefox created works then you can delete the old file that contained certificates that were possibly corrupted or outdated.