Just upgraded to FF 42 X64, now I can not access https sites

[The_Decryptor Veteran]

I bet its your AV, do you have TLS/HTTPS scanning enabled?

To actually scan secure traffic, your AV has to break the security of the connection and fakes it for the browser to appear as if it's secure. If it doesn't know how to interact with 64bit Firefox, it can't lie to the browser, and the browser will see the connection is insecure. If that's the case, the only reason it worked with Cyberfox was because it's a 3rd party build, and it probably didn't detect it as a browser.

Edit: Yeah, pretty sure it's that. Firefox is complaining that the certificate for YouTube doesn't chain to a built in root, so either your certificate store is entirely busted, or the AV hasn't installed their root certificate.

[Night Prowler]

If you are using Adguard uncheck 'Filter HTTPS Protocol', and all is good. I'm guessing any AV that has a similar switch will need to be neutralized.

Remember if this is the new 64bit FF that some plugins might not work. A registered version of RoboForm when used indicates that RoboForm needs to be registered. Looks like an update is needed?

[T3X4S]

start using ublock, and get rid of Kaspersky - all will be right in the world.  Rainbows everyday - freaking unicorns farting rainbows I tell you.

[Night Prowler]

start using ublock

That's what I forgot; I have ublock installed in FF but with the latest install of Adguard I forgot to disable FF under 'Filtered Apps'.

 

[jnelsoninjax]

I bet its your AV, do you have TLS/HTTPS scanning enabled?

To actually scan secure traffic, your AV has to break the security of the connection and fakes it for the browser to appear as if it's secure. If it doesn't know how to interact with 64bit Firefox, it can't lie to the browser, and the browser will see the connection is insecure. If that's the case, the only reason it worked with Cyberfox was because it's a 3rd party build, and it probably didn't detect it as a browser.

Edit: Yeah, pretty sure it's that. Firefox is complaining that the certificate for YouTube doesn't chain to a built in root, so either your certificate store is entirely busted, or the AV hasn't installed their root certificate.

That was it. Disabled Private Browsing within Kaspesky and suddenly everything works!

[Boo Berry]

If you are using Adguard uncheck 'Filter HTTPS Protocol', and all is good. I'm guessing any AV that has a similar switch will need to be neutralized.

No need, just follow this tutorial to manually re-import Adguard's certificate and it works fine.

https://kb.adguard.com/index.php?/Russian/Knowledgebase/Article/View/54/10/connection-is-not-trusted---firefox

[The_Decryptor Veteran]

Personally I'd avoid using anything that breaks TLS connections, even if it's for a "good" cause.

It breaks stuff like HPKP in the browser, so if somebody is actually performing a MITM attack and your AV/etc. doesn't specifically check for that (By having a strict HPKP implementation, etc.), it'll hide those details from your browser entirely. And it's quite possible the interceptor doesn't support the same protocol versions and ciphers as your browser.

[T3X4S]

See ?  Get rid of KAV - and its all unicorns and rainbows, fluffy clouds, and puppies.
Install Webroot Secure Anywhere and you get puppies with lasers !  lasers man...lasers

[Night Prowler]

That fixed it correctly:

 

Thanks...

[Obi-Wan Kenobi]

As to adguard....I just received an update, and with adguard enabled, FF64 now displays https sites correctly, so I guess they fixed it.

[Boo Berry]

If you're using the Adguard v6 beta, all you need to do is open Adguard's settings, go to General Settings and press the Reinstall Certificate button while Firefox is closed. That should easily fix this.

[erpster3]

it's Kaspersky antivirus/internet security software (any version).  I got that problem of Firefox not being able to access https sites because of Kaspersky [had that problem since Firefox 39].

Solution: either uninstall Kaspersky or follow the instructions in this Kaspersky forum page to import a "certificate" CER file into Firefox.  that made https sites like Google to function correctly in Firefox.

[Night Prowler]

it's Kaspersky antivirus/internet security software (any version).  I got that problem of Firefox not being able to access https sites because of Kaspersky [had that problem since Firefox 39].

Solution: either uninstall Kaspersky or follow the instructions in this Kaspersky forum page to import a "certificate" CER file into Firefox.  that made https sites like Google to function correctly in Firefox.

Did you do this