Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Rohkem teavet

Mozilla stopped access to proxy server. How do I get around this?

more options

I'm an academic Library Director. We'd like to continue to use Firefox, as would our students but will not be able to do so if we can't apply an easy work around with Firefox when it blocks us from accessing our proxy server. For example, it blocks our link to EBSCO databases via the proxy server: https://0-search.ebscohost.com.muih.iii.com/login.aspx?authtype=ip . When we try to get to EBSCO, Mozilla shows the following:

Your connection is not secure

The owner of 0-search.ebscohost.com.muih.iii.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…

Report errors like this to help Mozilla identify and block malicious sites

0-search.ebscohost.com.muih.iii.com uses an invalid security certificate.

The certificate is only valid for the following names:

 *.iii.com, iii.com  

Error code: SSL_ERROR_BAD_CERT_DOMAIN

Thank you for your attention to this matter.

Best,

Jenifer

I'm an academic Library Director. We'd like to continue to use Firefox, as would our students but will not be able to do so if we can't apply an easy work around with Firefox when it blocks us from accessing our proxy server. For example, it blocks our link to EBSCO databases via the proxy server: https://0-search.ebscohost.com.muih.iii.com/login.aspx?authtype=ip . When we try to get to EBSCO, Mozilla shows the following: Your connection is not secure The owner of 0-search.ebscohost.com.muih.iii.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate. Learn more… Report errors like this to help Mozilla identify and block malicious sites 0-search.ebscohost.com.muih.iii.com uses an invalid security certificate. The certificate is only valid for the following names: *.iii.com, iii.com Error code: SSL_ERROR_BAD_CERT_DOMAIN Thank you for your attention to this matter. Best, Jenifer

All Replies (3)

more options

Hi Jenifer, did this problem start after a recent Firefox update? Did it used to work in Firefox?

I get similar certificate errors in Chrome and IE. Do those work normally for you on the same site?

more options

Yes, I think the problem began with a new Firefox update. It used to be simple for us to make an "exception" and tell our students to make an "exception" (we have remote users) which allowed the person using Firefox to access the necessary pages thereafter. We have given up on using IE-- way to many problems to note here. As for Chrome, we found an easy way to make the "exception" and can connect using Chrome. I'd rather not become a Chrome shop unless we must.

more options

You are getting a different version of Firefox's error page than I am. Mine has an "Add Exception" button, but yours does not because the button is not displayed when Firefox has previously stored a policy from that server to enforce "strict transport security":

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.

There are two ways to remove that policy, neither of which is perfect, so you can consider which one seems best in this situation:

Forget About This Site

Firefox offers a way to remove ALL DATA for a site, including the saved HSTS flag AND cached pages, history entries, cookies, AND bookmarks. If you haven't saved a lot of bookmarks for that site and don't rely on history entries to autocomplete previously visited addresses, this might be the most convenient way to go.

However, if you visit a lot of sites all ending with ".muih.iii.com" this might not work, and I assume it would be a problem to clear all data for all such sites.

If you want to try it:

  • Open the Library dialog to your history, either
    • Windows: Ctrl+Shift+h
    • History menu > "Show All History"
  • right-click a history entry for the site and choose "Forget About This Site"

That might take several moments if you have a large cache and a traditional spinning hard drive. There is no "Undo" for this so be sure you want to do it!

When you return to the page and get the certificate error, you now should see the Add Exception button in the "Advanced" section.

Edit or Remove Settings File

Firefox keeps HSTS flags and related data in a settings file named "SiteSecurityServiceState.txt" in your currently active profile folder. This is a plain text file you could edit, or if you remove it, Firefox will rebuild it as you revisit those sites. While there is some site data in here that perhaps you might not want to lose, I don't think it's crucial.

Open your current Firefox settings (AKA Firefox profile) folder using either

  • "3-bar" menu button > "?" button > Troubleshooting Information
  • (menu bar) Help > Troubleshooting Information
  • type or paste about:support in the address bar and press Enter

In the first table on the page, click the "Show Folder" button (on Mac: Show in Finder). This should launch a new window listing the various files and folders in your profile folder.

Leaving that window open, switch back to Firefox and Exit, either:

  • "3-bar" menu button > "power" button
  • (menu bar) File > Exit

Pause while Firefox finishes its cleanup, then rename SiteSecurityServiceState.txt to something like SiteSecurityServiceState.old (or if your Windows still has the default setting to hide the .txt extension, it might be simpler to rename it to SiteSecurityServiceState-old).

Start Firefox back up again, and when you get the certificate error page, you now should see the Add Exception button.