• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

Just upgraded to FF 42 X64, now I can not access https sites

Recommended Posts

The_Decryptor    1,105

I bet its your AV, do you have TLS/HTTPS scanning enabled?

To actually scan secure traffic, your AV has to break the security of the connection and fakes it for the browser to appear as if it's secure. If it doesn't know how to interact with 64bit Firefox, it can't lie to the browser, and the browser will see the connection is insecure. If that's the case, the only reason it worked with Cyberfox was because it's a 3rd party build, and it probably didn't detect it as a browser.

Edit: Yeah, pretty sure it's that. Firefox is complaining that the certificate for YouTube doesn't chain to a built in root, so either your certificate store is entirely busted, or the AV hasn't installed their root certificate.

  • Like 1

Share this post


Link to post
Share on other sites
Night Prowler    132

If you are using Adguard uncheck 'Filter HTTPS Protocol', and all is good. I'm guessing any AV that has a similar switch will need to be neutralized.

Remember if this is the new 64bit FF that some plugins might not work. A registered version of RoboForm when used indicates that RoboForm needs to be registered. Looks like an update is needed?

Share this post


Link to post
Share on other sites
T3X4S    4,532

start using ublock, and get rid of Kaspersky - all will be right in the world.  Rainbows everyday - freaking unicorns farting rainbows I tell you.

Share this post


Link to post
Share on other sites
Night Prowler    132

start using ublock

That's what I forgot; I have ublock installed in FF but with the latest install of Adguard I forgot to disable FF under 'Filtered Apps'.

 

Share this post


Link to post
Share on other sites
jnelsoninjax    12,606

I bet its your AV, do you have TLS/HTTPS scanning enabled?

To actually scan secure traffic, your AV has to break the security of the connection and fakes it for the browser to appear as if it's secure. If it doesn't know how to interact with 64bit Firefox, it can't lie to the browser, and the browser will see the connection is insecure. If that's the case, the only reason it worked with Cyberfox was because it's a 3rd party build, and it probably didn't detect it as a browser.

Edit: Yeah, pretty sure it's that. Firefox is complaining that the certificate for YouTube doesn't chain to a built in root, so either your certificate store is entirely busted, or the AV hasn't installed their root certificate.

That was it. Disabled Private Browsing within Kaspesky and suddenly everything works! :D

  • Like 1

Share this post


Link to post
Share on other sites
Boo Berry    2,264

If you are using Adguard uncheck 'Filter HTTPS Protocol', and all is good. I'm guessing any AV that has a similar switch will need to be neutralized.

No need, just follow this tutorial to manually re-import Adguard's certificate and it works fine.

https://kb.adguard.com/index.php?/Russian/Knowledgebase/Article/View/54/10/connection-is-not-trusted---firefox

  • Like 1

Share this post


Link to post
Share on other sites
The_Decryptor    1,105

Personally I'd avoid using anything that breaks TLS connections, even if it's for a "good" cause.

It breaks stuff like HPKP in the browser, so if somebody is actually performing a MITM attack and your AV/etc. doesn't specifically check for that (By having a strict HPKP implementation, etc.), it'll hide those details from your browser entirely. And it's quite possible the interceptor doesn't support the same protocol versions and ciphers as your browser.

  • Like 1

Share this post


Link to post
Share on other sites
T3X4S    4,532

See ?  Get rid of KAV - and its all unicorns and rainbows, fluffy clouds, and puppies.
Install Webroot Secure Anywhere and you get puppies with lasers !  lasers man...lasers

Share this post


Link to post
Share on other sites
Night Prowler    132
That fixed it correctly:
 
Thanks...

Share this post


Link to post
Share on other sites
Obi-Wan Kenobi    1,121

As to adguard....I just received an update, and with adguard enabled, FF64 now displays https sites correctly, so I guess they fixed it. ;)

Share this post


Link to post
Share on other sites
Boo Berry    2,264

If you're using the Adguard v6 beta, all you need to do is open Adguard's settings, go to General Settings and press the Reinstall Certificate button while Firefox is closed. That should easily fix this. :)

  • Like 1

Share this post


Link to post
Share on other sites
erpster3    37

it's Kaspersky antivirus/internet security software (any version).  I got that problem of Firefox not being able to access https sites because of Kaspersky [had that problem since Firefox 39].

Solution: either uninstall Kaspersky or follow the instructions in this Kaspersky forum page to import a "certificate" CER file into Firefox.  that made https sites like Google to function correctly in Firefox.

Share this post


Link to post
Share on other sites
Night Prowler    132

it's Kaspersky antivirus/internet security software (any version).  I got that problem of Firefox not being able to access https sites because of Kaspersky [had that problem since Firefox 39].

Solution: either uninstall Kaspersky or follow the instructions in this Kaspersky forum page to import a "certificate" CER file into Firefox.  that made https sites like Google to function correctly in Firefox.

Did you do this

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.