Closed Bug 1352045 Opened 8 years ago Closed 8 years ago

Cant even visit Microsofts Support center any more (support.microsoft.com)

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
47 Branch
Platform:
All
Windows
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: White-Gandalf, Unassigned, NeedInfo)

Details

Since adding the so called "HTTP Strict Transport Security (HSTS)" handling, more and more sites become unavailable with firefox. I'm forced to use other browsers. Not a single other browser shows that type of usage misshandling. It started to annoy me when political information sites became unavailable. But it becomes worse every day. It simply CANT BE - to block out THE NR ONE Operating system provider and especially his support pages. I call such behavior "very healthy haughtiness". You were aware of the fact, that your approach on handling HTTPS problems is stupidly user hostile, from the first days. You got thousands of complaints against that, but decided to ignore them completely. Just for the record, lets make another entry (which, i am absolutely sure, you will ignore as well)... =================== Steps to reproduce: Call "support.microsoft.com" today (2017-03-30) Expected behavior: Be able to view the support pages Actual behavior: You get: ---------------- Your connection is not secure The owner of support.microsoft.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate. ... Error code: SEC_ERROR_UNKNOWN_ISSUER ---------------- Mitigation: Use another browser! Cram firefox in the trash bin!
This is usually an issue with the installed antivirus program or other software which intercepts the internet traffic. See how to fix the issue at https://support.mozilla.org/t5/Fix-slowness-crashing-error/How-to-troubleshoot-the-error-code-quot-SEC-ERROR-UNKNOWN-ISSUER/ta-p/35758 Please let us know which program caused the issue. Furthermore, the bug report says this applies to Firefox 47. If that is true, please update Firefox as this version has known vulnerabilities.
Severity: blocker → normal
Flags: needinfo?(White-Gandalf)
There's no direct problem with Firefox and https://support.microsoft.com. Without additional information we can't begin to diagnose what kind of "Man in the Middle" scenario is going on here. Most benign scenario is an anti-virus product doing interception without installing it's root cert into Firefox. At the other end is the possibility that you are under attack. If other browsers on your machine "work" then it's likely the A-V case.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.