ALL-INKL.COM - Webhosting Server Hosting Domain Provider

Firefox 65 causing problems

If you recently updated your firefox, you might have experienced
problems with HTTPS sites. Main problem for the ominous
SEC_ERROR_UNKNOWN_USER problem are certificates from a
handful of virus scanners. Among them are Kaspersky and Avast.

The problem however is well-known as it has to do with the way how virus scanners are scanning inbound and outbound HTTPS traffic. They act as a proxy and thus issue certificates of their own for the HTTPS connection. Firefox however cannot verify the origin of the local certificate against any of the global CAs thus presenting the error mentioned above.

The most relaxing solution would be to import the local certificate of the virus scanner to Firefox’s certificate storage to have Firefox validate the usage of that certifcate once a secure HTTP connection is established.

This is Mozilla’s official workaround:

Fixing the certificate errors in Firefox 65

If you have upgraded to Firefox 65 and are seeing errors when browsing the web that state the “Connection is not secure”, then you are most likely affected by this bug and seeing a conflict between the browser and your antivirus software.

With this said, you have two options that can help you browser the web properly again, but neither option is ideal.

Option 1: Disable HTTPS scanning in your antivirus software

To temporarily fix this issue, you can disable HTTPS scanning in your antivirus program. This is not the recommended solution as you will no longer be protected from malicious SSL web sites. 

The instructions on how to disable HTTPS scanning is different for each program. Below are various articles that explain how to disable HTTPS scanning:

As Avast and AVG are on the process of pushing out a hotfix to disable HTTPS filtering in their products, you do not need to disable it in their program as that will cause this protection to be disabled for all browers on your computer.

It should be noted that when you disable HTTPS scanning in your antivirus software’s web protection module, you are no longer protected malicious SSL sites. For this reason, we recommend the next option instead.

Option 2: Allows Firefox to use certificates from Windows certificate store

By default, Firefox 65 will use only use the certificates in their built in browser certificate store. It is possible, though, to enable the ability to also use the antivirus engine’s certificate that are created in the Windows certificate store to validate other web sites certificates.

To enable Firefox to use the certificates installed as a Windows Trusted Certificate Authority, you can enable to the security.enterprise_roots.enabled option. To do this, please follow these steps:

  1. Type about:config in the Firefox address bar and then press enter. When Firefox asks, click on the button stating that you accept the risks.
  2. In the search field enter security.enterprise_roots.enabled and press enter.
  3. Double-click on security.enterprise_roots.enabled so that it toggles to true as shown below.
  4. You can now close the about:config page.

You have now enabled Firefox to use the Avast root certificate located in the Windows certificate store and you should be able to properly browse the web again.

February 5, 2019 Netspark - 1593 posts - Member since: May 9th, 2011 No Comments »

Rockbottom!Very badBadAverageGoodVery goodAwesome! (1 votes, average: 4.00 out of 7)
FILED UNDER :Computer , News , Technology
TAGGED WITH : , , , , , , ,

Leave a comment