Mozilla Firefox no longer allows me to visit google.com; it claims it can't confirm the connection is secure.
Last week, my anti virus software (bitdefender) expired, and I was without one for a couple of days. By now I have reinstalled the updated version and it is fully operational, with no security issues or messages or updates waiting to be installed. It might be a coincidence (but I think not), but since a couple of days, Mozilla firefox no longer allows me to visit google.com/be (I'm Belgian); it claims it can't confirm that the connection is secure. I most often use the search engine duckduckgo, but would still like to be able to use google if need be!
I have tried running Mozilla Firefox without add-ons and there was no difference. Every time, I get this message:
"This Connection is Untrusted You have asked Firefox to connect securely to www.google.com, but we can't confirm that your connection is secure. Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. ..."
Please can someone help me? I run Windows 7. According to the action center, everything is running normally, and internet security settings are "set to their recommended levels". That's as far as my internet problem solving abilities go..
Thank you so much!
Todas as respostas (20)
Can you post a screenshot of the error popup? http://support.mozilla.org/en-US/kb/how-do-i-create-screenshot-my-problem
Hi! TineG. I'm SaintCyr and I'm going to try to help you.(Excuse my broken english ;) ) About your problem, you can resolve it trying this solutions: 1-Setting your computer time 2-empty your cache 3-In firefox, go to setting-->help In basic parameters of the application section, click on Open the folder, and delete the file "cert8". It will be create at your next session. 4-Then restart your browser and enjoy it! :)
Hello SaintCyr and Christ1, thank you for your help! Christ1, I've added a screenshot of the error message (png). SaintCyr, I'm not sure what you mean by application section?
Click 'I understand the risks'. Then attempt to add an exception at the bottom of the error page & inspect the certificate (see the screenshot attached for instructions):
Which issuer information does the certificate show?
Do not actually confirm the security exception.
This is the issuer information I get (see png file). It seems to be bitdefender.
So I suppose you do run Bitdefender? Did you activate some sort of 'security' setting in Bitdefender to protect your browser or your web experience, something like that? Bitdefender is apparently intercepting your SSL/TLS protected connection to Google. In other words, Bitdefender tries to inspect the traffic you're sending to Google, but cannot do this, when it's encrypted. It therefore pretends to be Google by issuing a cert for the Google server, and is talking to the Google server on your behalf. By doing this, it's breaking the end-to-end encryption. Firefox cannot determine the authenticity of the cert issued by Bitdefender, and hence you get the exception prompt.
It's up to you to decide how to proceed. If you trust Bitdefender, you can go ahead and confirm the exception (I wouldn't). Or disable the 'security feature' in Bitdefender, so that Firefox can talk with the Google server directly, as it's supposed to be.
Yes I do run bitdefender, I bought and installed the 2014 version. Sorry if I was a bit confusing there. It was recommended to me by the owner of the pc store where I also bought my laptop, so I'm assuming it's a secure anti-virus software..
But as you're pointing out that Bitdefender is the problem, I'll just return to the store and ask him to help me fix it. I'd better not try it myself because it sounds rather complicated.
Thanks a lot for the help! I'm very impressed with the speed/professionalism. Best!
Why do you not use www.google.be? That does work. Why use google.com/be?
Hello finitarry. What I meant was, I use both google.be and google.com, depending on what I'm looking for and in what language! Sorry, I haven't made myself really clear :)
hi TineG, you'll have to disable the following setting in bitdefender to get around those errors: http://www.bitdefender.com/support/what-to-do-when-security-certificates-cannot-be-verified-installed-1090.html
Hi Philipp, thanks, I've tried this but it made no change. I still can't access google, even when the SSL scan feature is switched off..
do you still get "bitdefender personal ca.net-defender" as the issuer of the failing certificates after you've turned off ssl scanning in bitdefender's preferences?
one other thing to try is to go to the firefox menu > options > advanced > network > connection - settings... and set "no proxy" in there.
Oh my god guys! I think I discovered the problem. My laptop was infected with that horrible saltar smart adware. No idea how it got there, maybe when I was temporarily without anti virus software. I've uninstalled it, then tried google and it works! I'm hoping it won't come back...
Thank you so very much for your help! Much appreciated.
thanks for your feedback.
in this case i'd also recommend running a full scan of your system with different security tools like the free version of malwarebytes and adwcleaner to make sure that adware isn't present and active in other places of your system as well.
I'd still be curious what you get as certificate issuer now when you visit a secure Google site.
Hi Christ, see the attached png file! Hope this is what you were curious for. Philipp, thanks a lot for the links. I'll definitely install them!
Based on the screenshot Bitdefender is still intercepting your secure connections. I can only guess that you already created a security exception for this cert. As said before, it's up to you to decide whether you trust Bitdefender or not. I wouldn't.
Hi Christ1, I'm not sure I understand your reply. You'd get rid of bitdefender, then? What exactly is the risk? I've used it last year as well and it seeemed fine..
Not to get rid of Bitdefender, but not to let them intercept your secure connection to the server. Would you like them to be able to read all your mail while you think you communicate securely with your provider's server? And this isn't limited to email, think about what you do with your browser ...
Well, if you can't trust your security software vendor to read your web traffic, who can you trust? But seriously...
Bitdefender is not really an outlier here: both Kaspersky and ESET also have this feature, so it is becoming more common. Presumably millions of users have their connections intercepted and filtered daily without even realizing it because this is so much more transparent in IE and Chrome.
It's really your call about how you want to balance the risks here:
On the one hand, the AV software is intercepting your web traffic to screen for potentially dangerous content and prevent it from reaching Firefox. This could help protect against new vulnerabilities in Firefox and your plugins between updates.
On the other hand, the AV software is opening a tiny window of vulnerability in the connection between Firefox and the website where the contents being sent are readable by the AV software -- and if it gets compromised, by other software on your system.
Personally I would prefer not to filter the secure connections (allow regular scanning but not SSL scanning), but that's just me.