Closed Bug 1529885 Opened 6 years ago Closed 6 years ago

Your connection is not secure

Categories

(Web Compatibility :: Site Reports, defect)

Product:
Web Compatibility
Component:
Site Reports
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1310629

People

(Reporter: hrdubwd, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0

Steps to reproduce:

Ordinary attempts to connect to various websites, inc. Spamcop reports, Weatherlink.com and NatWest online banking. Nothing special, all having been used many times without trouble, including a few minutes before the problem.

It is not reproducible to order - random events, not consistent

Actual results:

Your connection is not secure

The owner of [xxx] has configured their web site improperly. To protect your information from being stolen, Firefox has not connected to this web site.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…

Report errors like this to help Mozilla identify and block malicious sites

[xxx] uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.

Error code: SEC_ERROR_UNKNOWN_ISSUER

++++++++++++++++++++++++++++

The strange thing is that retrying later the connections works without difficulty. For Online banking, it has been approached by clearing cookies, on advice, and this has worked (it seemed), but this morning it is apparent with Spamcop that simply retrying has no problem.

Expected results:

Simple connection, as before.

Is this a parsing corruption or what? Whatever it is, it is extremely worrying (to start with) for online banking, but it does waste time and temper.

I should have added that this is a relatively recent kind of event, say middle of last year on, so it appears to affect several versions of FF. Three in a week prompts this now.

https://support.mozilla.org/kb/error-codes-secure-websites

What is your security software?

Component: Untriaged → Security: PSM
OS: Unspecified → Windows 7
Product: Firefox → Core
Hardware: Unspecified → x86_64

As of a few days ago it is Bitdefender free, until then it was MS Security Essentials. Neither have given any warning.

Next time you encounter this, can you click on "Advanced" and then click on the blue error code ("SEC_ERROR_UNKNOWN_ISSUER"), then "Copy text to clipboard", and paste the results here?

Flags: needinfo?(hrdubwd)

It has just happened again with Spamcop, after doing quite a few reports this morning.

Does this help?
++++
https://www.spamcop.net/sc?id=z6524237126z321c76c0b5684d991e42a69eb80534c7z

Peer's Certificate issuer is not recognised.

HTTP Strict Transport Security: true
HTTP Public Key Pinning: false

Certificate chain:

-----BEGIN CERTIFICATE-----
MIIEkzCCA3ugAwIBAgIJAK4xdbxXyoFCMA0GCSqGSIb3DQEBCwUAMGAxLTArBgNV
BAMMJEJpdGRlZmVuZGVyIFBlcnNvbmFsIENBLmF2ZnJlZTAwMDAwMDEMMAoGA1UE
CwwDSURTMRQwEgYDVQQKDAtCaXRkZWZlbmRlcjELMAkGA1UEBhMCVVMwHhcNMTgw
NDMwMDAwMDAwWhcNMTkwNDMwMTIwMDAwWjCBjTELMAkGA1UEBhMCVVMxEzARBgNV
BAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMRYwFAYDVQQKEw1DaXNj
byBTeXN0ZW1zMSEwHwYDVQQLExhTZWN1cml0eSBDbG91ZCBPcGVyYXRpb24xGzAZ
BgNVBAMTEnd3dy5zZW5kZXJiYXNlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPE2O2yh9lkxkleLVavpNztVI0fxr7u0nGDDdt/qvy7DbnD0ON9N
Py0AUZ8JQBAHXIWttfrkiBLk+6ls5Vqayr0aoV/QTnpm5uufhj60BYz4rbvcaIEa
dBsg286JvMjSNa7V+YXGM3FUjyz0H9aOjYaH1aodOdtKre4GhfH20T2PwrOxfjDw
5+EIr4VIeJDLFYhF3mH0tT2HpSuvVaZOgButegNkVPe1KEDmoiAqub931Jw7Wu2D
+MEAQNggiu8wCeOgUs6TPgjKMnOg5GQ9ZugEl744r0R18zH8mOkXpXHaZhxoaIbc
cFTF6hA0J52x6a36x2eXtikdgyKUPe6nvrMCAwEAAaOCASAwggEcMDYGA1UdHwQv
MC0wK6ApoCeGJWh0dHA6Ly8xMjcuMTI3LjEyNy4xMjc6MzkzOS8yOGVlNi5jcnQw
geEGA1UdEQSB2TCB1oISd3d3LnNlbmRlcmJhc2Uub3Jngg5zZW5kZXJiYXNlLm9y
Z4ISbWFpbHNjLnNwYW1jb3AubmV0ghNnZW5lcmFsLnNwYW1jb3AubmV0ghZjaGFy
bGllLnNlbmRlcmJhc2Uub3JnghNiZXRhLnNlbmRlcmJhc2Uub3JnghFmb3J1bS5z
cGFtY29wLm5ldIILc3BhbWNvcC5uZXSCFGFscGhhLnNlbmRlcmJhc2Uub3JnghNt
ZW1iZXJzLnNwYW1jb3AubmV0gg93d3cuc3BhbWNvcC5uZXQwDQYJKoZIhvcNAQEL
BQADggEBAKXU77fIEnTv60BhIpoYJmb/IgPphrebwuM/1cnn8JWjFOzdLOZLwtJP
/Ye78ISE6XuDI/9G2AnUvIi60KYVkltEzmY/a4bqIviRk1i6lwDIsPnThZck4JC1
GuHsYiggsqbIdt6JkcWkfNRw0UsayebnhrEf4Ggx/o3UKWbB6PpVeir1UrHIilCA
SYNYqQ/ko1rfQqmQI1RWirqtOJaLsvBmOOwxJlJehyJdBox7IN2fTay8rrJ+Q/i2
MY3Od+CpUR3frFufaXiR8q4OVM5H900/1KiblSAg6oiEG1pVMEGiOEbn736oDGXh
5iXYXMUWZjF4SE0rVeR+XOu4c9g8ao0=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDZjCCAk6gAwIBAgIJAP2l3nJ3rE5+MA0GCSqGSIb3DQEBCwUAMGAxLTArBgNV
BAMMJEJpdGRlZmVuZGVyIFBlcnNvbmFsIENBLmF2ZnJlZTAwMDAwMDEMMAoGA1UE
CwwDSURTMRQwEgYDVQQKDAtCaXRkZWZlbmRlcjELMAkGA1UEBhMCVVMwHhcNMTAw
MTAxMDAwMDAwWhcNMjkwMjE0MTQ0MzAxWjBgMS0wKwYDVQQDDCRCaXRkZWZlbmRl
ciBQZXJzb25hbCBDQS5hdmZyZWUwMDAwMDAxDDAKBgNVBAsMA0lEUzEUMBIGA1UE
CgwLQml0ZGVmZW5kZXIxCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA8TY7bKH2WTGSV4tVq+k3O1UjR/Gvu7ScYMN23+q/LsNucPQ4
300/LQBRnwlAEAdcha21+uSIEuT7qWzlWprKvRqhX9BOembm65+GPrQFjPitu9xo
gRp0GyDbzom8yNI1rtX5hcYzcVSPLPQf1o6NhofVqh0520qt7gaF8fbRPY/Cs7F+
MPDn4QivhUh4kMsViEXeYfS1PYelK69Vpk6AG616A2RU97UoQOaiICq5v3fUnDta
7YP4wQBA2CCK7zAJ46BSzpM+CMoyc6DkZD1m6ASXvjivRHXzMfyY6RelcdpmHGho
htxwVMXqEDQnnbHprfrHZ5e2KR2DIpQ97qe+swIDAQABoyMwITAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAzFrAUc82
aLGl2miVFVX4PUQvPCLtTGWLtL1E+CXwsKeYVIekLsFj1iBdFr5x0ZkiltEZMEbG
GtqOFNeHTWtFj/C6B74VBUWHdNLIK6K1CYtFRE09Rf6uOvQICZZkfZ8U35mLoN8b
MdAN9rrgYFZarQ10mcUfzYfstrAag8x65932iLT49YRVl8EHz7fdM60rqE5p0Mmz
z0KGi6Z9IrrsQJtSQZICG3LRXn/fdf6LUkY6h3wu06Vbq/tyUS05tczOcVBIv6Ne
zSdXVQGxHQMYxlyiD/Xr6FQQqRdRxHu3K0JqO5rThbmoUnFYe5gZgBT3sdtyV9Q6
5JLApeqfTWn7uw==
-----END CERTIFICATE-----

Flags: needinfo?(hrdubwd)

Apologies - evidently I did not press "save changes" when I entered that last.

So it looks like bitdefender isn't working properly. We're tracking this in bug 1310629.
Disabling its web filtering functionality (if that's possible) might work as a workaround. If you find that you're still encountering the same error, feel free to follow the steps from comment 4 and past the results here again.

Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE

As I said, I had that behaviour well before I installed BD. I think it (BD) was causing something else pretty disastrous: preventing ALL internet connections after about a day or so - except pings! (The system continued to report that all connections were Established, but BD kept generating new ones - which I presume means that it was unable to communicate so kept on trying. It did not close down old ones.)

I have now uninstalled BD, reinstalled M$ Sec. Essentials, and am waiting to see what happens, if anything. A repeat will narrow the options. BD are totally unhelpful for the free version.

But even so, that fact that I had that "security" problem long before any of that indicates another source (which of course does not rule out BD also have a role when it is present).

I conclude that this is NOT a duplicate.

Component: Security: PSM → Desktop
Product: Core → Web Compatibility
Version: 65 Branch → unspecified
You need to log in before you can comment on or make changes to this bug.