SSL on v.36.0.1 Padlock and Identity Info Missing
Firefox 36.0.1 (sporadically) displays exclamation HTTPS/SSL indicator and is missing ownership information.
I’ve found that using back and forward will cause the correct HTTPS/SSL indicator and data to display
First two images are while on this very system entering support questions. Second two are after using back and forward on this system
All Replies (16)
That shouldn't happen with this website.
Start Firefox in Safe Mode to check if one of the extensions (Firefox/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem.
- Switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance
- Do NOT click the Reset button on the Safe Mode start window
There are times when the back-forward cache seems to malfunction and show that there is mixed content even when there is not. A reload bypassing the cache Ctrl+Shift+r usually clears that up.
A possible workaround is to tweak a setting related to the back-forward cache:
(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste sess and pause while the list is filtered
(3) Double-click the browser.sessionhistory.max_total_viewers preference and change the value from -1 to 0 (that's a zero).
(Please don't change any other similar-sounding settings to 0 or you may disable Firefox's ability to save/restore your open windows and tabs.)
That suggestion is from: ssl goes mix content on google after pressing back button?
cor-el - These suggested steps didn't resolve the issue here.
jscher2000 - this doesn't appear to be an issue with mixed content (I couldn't find mixed content on this site). Additionally, not all the sites resolve after back/forward. I will try your suggested steps, but I don't expect these to affect this problem.
Interestingly, when the site opens, I can see the icon change state. If I'm quick enough, I can actually see where some info is displayed initially (grey globe) then goes away. In some cases (seeing in kickstarter now) a grey lock appears with verified by details present, but not ownership. Other times (LinkedIn) not ownership or verified info is present. In both these cases, back and forward has no effect.
I have downgraded to 35 to resolve other support issues and this issue appears in 35 (I saw it before going to 36, so seeing it again in 35 is not a surprise)
jscher2000 said
change the value from -1 to 0 (that's a zero).
This change did not have an affect on the problem. To elaborate on my previous, after making this change and restarting FireFox (35 at this point), the support.mozilla.org page HTTPS/SSL indicator initially displayed green momentarily before changing to grey exclamation triangle.
Do you have any software that scans or monitors your connection? As some antivirus have features like this and can cause this issue if enabled.
wizzardz said
this doesn't appear to be an issue with mixed content (I couldn't find mixed content on this site).
I'm not sure how you searched for mixed content. You might check the web console (Ctrl+Shift+k) and browser console (Ctrl+Shift+j) for warnings (after opening each console, click the Clear button on each to flush the clutter, then reload the page). Each console has a search box at the upper left to filter the list; typing mix should match any mixed console messages.
wizzardz said
In some cases (seeing in kickstarter now) a grey lock appears with verified by details present, but not ownership.
Just FYI, ownership is only considered to be verified when a site has an Extended Validation (EVSSL) certificate. In that case, the lock should turn green. This support site has such a certificate.
Regarding the mixed content, I was looking at the wrong content and this page does appear mixed.
Can you verify which field of the cert (ownership and issuer) would populate the ownership data. Its my understanding that this would come from the Organization data (Mozilla Foundation and DigiCert Inc in this case)? Being as the support.mozilla.com cert is an EV, shouldn't this ownership info (as well as issuer for all cert types) be presented?
First image shows this pages cert both ownership and issuer missing. Second shows cert details of this cert with ownership, issuer and EV details. 3rd is IE11 (which I don't use for well known reasons) view of it.
Given an EV cert with proper ownership info and a page with mixed content (e.g., like this page), would it be expected for green lock, grey lock, or grey exclamation triangle to be displayed?
James said
Do you have any software that scans or monitors your connection? As some antivirus have features like this and can cause this issue if enabled.
Can you elaborate on which AV software would do this as I would want to avoid them at all costs. I can't imagine a good use case for an AV utility to obfuscate information like this. I use AVG and disabling the protection does not change the condition.
I didn't realize it before, but Firefox suppresses the owner information in the case of mixed content. So I see the same thing you do for this page if I introduce insecure display content.
(I mixed the content in the page by right-clicking a user picture > Inspect Element (Q), then changing the src URL from https to http and pressing Enter.)
For the mixed content loading for you, what is the source?
After posting my last, I did a back and forward, and the cert ownership and validation now appears with a green lock. Interestingly it indicates the content is now not mixed.
jscher2000 said
I didn't realize it before, but Firefox suppresses the owner information in the case of mixed content. So I see the same thing you do for this page if I introduce insecure display content.
I don't believe this has always be the case (as I'm sure I'd have noticed), and I'm sort of intrigued as to the reasoning behind this. I can only imagine the FUD it'd introduce for those expecting to see a lock (green or grey) but see the triangle simply as a result of an unencrypted image on an otherwise encrypted page.
jscher2000 said
For the mixed content loading for you, what is the source?
So far I'm unable to locate what part is unencrypted. Its odd it can seemingly switch back and forth.
Do the Web Console (Firefox/Tools > Web Developer) or the Network monitor tab show this mixed content?
cor-el said
Do the Web Console (Firefox/Tools > Web Developer) or the Network monitor tab show this mixed content?
EDIT: Ignore below as an answer to your query. After I reread it, I realized what you were asking. I'll respond again once I can check these tools
Trying the links while this page showed both the triangle and fully encrypted, the links always showed fully encrypted. When I tried the links with this page not fully encrypted (triangle), using back to return to this page again showed the triangle.
Once I'm able to get this page to show fully encrypted, closing FF - which clears cookies (now that I've reverted to v35.0.1) - and returning to the page again shows the triangle. I haven't found a reproducible set of steps to get the page to show fully encrypted, but back and forward enough times seems to make it encrypt eventually.
Modified
cor-el said
Do the Web Console (Firefox/Tools > Web Developer) or the Network monitor tab show this mixed content?
I wasn't able to determine whats not encrypted.
I wonder whether the disk cache has become corrupted somehow? You might already have tried clearing it but, if not, you can use:
"3-bar" menu button (or Tools menu) > Options > Advanced
On the Network mini-tab > Cached Web Content : "Clear Now"
If you have a large hard drive, this might take a few minutes.