1

After update to the latest version of firefox (52.0), when I enter on google.com* I get:

Your connection is not secure

Without the chance to add an exception.

Without luck, I tried:

  • Delete cert8.db and cert_override.txt
  • Adding manually the line for google on cert_override.txt (obtained from another machine)
  • Delete certificates (Options->Advanced->Certificates->Authorities->GeoTrust->Google Internet Authority G2)
  • New empty profile
  • Current profile refresh (firefox suggestion)
  • New installation of firefox
  • Cleared all Firefox history (with all options ticked)
  • Change the date/time to 2015 and then back to 2017
  • Use Agent switcher

My addons are:

  • Enchanced Steam
  • uBlock origin
  • Instant translate: Select and translate
  • Tampermonkey

I don't have plugins except for Flash (Ask to activate), OpenH264 and Widevine Content Decryption with Never activate.

On the same machine, on google Chrome google works good and on another machine with firefox also works good, so, I think is not a firewall configuration.

What else can I do to enter on google.com* on firefox en-US 52.0 (64-bit)?

EDIT: enter image description here

EDIT 2: I have currently installed Trend Micro OfficeScan Agent as virus/spyware protection. I can't disable it because is a work machine.

On all browsers I have to configure a proxy. Here is the information: (No proxy for internal addresses) enter image description here

jotapdiez
  • 111
  • 4
  • Try downloading a copy of Firefox Portable from PortableApps.com and see if you can reproduce your problem in it. Then announce the result here. It will help us isolate the problem. –  Mar 14 '17 at 13:40
  • @FleetCommand It is necessary? I tried with the binary version of firefox (decompress and use) and the result is the same. is a work machine and I don't want portable apps here. Thanks for your answer – jotapdiez Mar 14 '17 at 13:42
  • You have tried everything that immediately comes to mind! Maybe if you do this, we get an epiphany. So, yes, desperate times requires desperate measures. –  Mar 14 '17 at 13:44
  • @FleetCommand ok, let me try that. – jotapdiez Mar 14 '17 at 13:44
  • @FleetCommand Portable Firefox works same as normal Firefox installation. – jotapdiez Mar 14 '17 at 14:04
  • Then the problem is nothing related to Firefox itself, or its certificate store. (Because the portable has a separate store.) Is this what you get? https://support.mozilla.org/t5/Fix-slowness-crashing-error/What-does-quot-Your-connection-is-not-secure-quot-mean/ta-p/30354 –  Mar 14 '17 at 14:06
  • Can you [edit] your question to show what information is available when you right-click on the browser to *View Page Info* and select the *Security* tab? – Anthony Geoghegan Mar 14 '17 at 15:00
  • @FleetCommand The error is SEC_ERROR_UNKNOWN_ISSUER. The mozilla support page for that error does not help me. – jotapdiez Mar 14 '17 at 15:20
  • @AnthonyGeoghegan Added. – jotapdiez Mar 14 '17 at 15:20
  • To me, it looks like you're not actually connecting to the authentic Google website. I was going to suggest checking the `/etc/hosts`, or using `ping www.google.com` to see what IP address is being used when resolving the `www.google.com` hostname. However, the fact that Chrome works correctly would seem to indicate that this isn’t the source of the problem. I would have thought that Firefox has cached a wrong IP address or has a web proxy configured but since you’re using a new empty profile, this is unlikely. – Anthony Geoghegan Mar 14 '17 at 15:45
  • 1
    Is it possible that you’re using anti-virus software such as Avast, Bitdefender, ESET or Kaspersky and that this software is using a MITM proxy to intercept HTTPS traffic? In such cases, they might have installed a root certificate in the Windows certificate store. which is used used by Chrome (but Firefox manages its own set of root certificates). – Anthony Geoghegan Mar 14 '17 at 15:46
  • See also: https://support.mozilla.org/t5/Fix-slowness-crashing-error/How-to-troubleshoot-the-error-code-quot-SEC-ERROR-UNKNOWN-ISSUER/ta-p/35758 – Anthony Geoghegan Mar 14 '17 at 16:59
  • @AnthonyGeoghegan Before update, google works good. I only use firefox. Now I'm using chrome because with firefox I can't search or use gmail or login throught google+ on various sites. Something changes on the last version on firefox about certificates? As anti-virus, I only have *Trend Micro OfficeScan Agent*. Could I transfer certs from windows to firefox? Both browsers has a proxy configured. – jotapdiez Mar 14 '17 at 18:12
  • It’s possible that other software previously installed a root certificate into Firefox’s certificate store and the recent update then subsequently restored the certs to the default set. You should [edit] your question to mention that you use Trend Micro and to provide further details on the proxy – and how it is configured. – Anthony Geoghegan Mar 14 '17 at 20:20
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/55418/discussion-between-jotapdiez-and-anthony-geoghegan). – jotapdiez Mar 15 '17 at 14:10
  • @AnthonyGeoghegan added chat for general discussion – jotapdiez Mar 16 '17 at 13:22
  • Same problem since yesterday, also with Firefox 52, even with `-safe-mode`, with all Google domains (www.google.com, www.google.fr, goo.gl, www.youtube.com, etc.). – vinc17 Jan 20 '18 at 09:53
  • In my case, I've eventually found a workaround (but insecure): set security.OCSP.require to false, even though the error was not about OCSP (it was `SEC_ERROR_UNKNOWN_ISSUER`). – vinc17 Jan 20 '18 at 10:51

0 Answers0