![\"\"](\"https:\/\/blog.netspark.de\/wp-content\/uploads\/2018\/08\/FireFoxLogoNew-480x480.png\")
If you recently updated your firefox, you might have experienced
\nproblems with HTTPS sites. Main problem for the ominous
\nSEC_ERROR_UNKNOWN_USER problem are certificates from a
\nhandful of virus scanners. Among them are Kaspersky and Avast.<\/p>\n
The problem however is well-known as it has to do with the way how virus scanners are scanning inbound and outbound HTTPS traffic. They act as a proxy and thus issue certificates of their own for the HTTPS connection. Firefox however cannot verify the origin of the local certificate against any of the global CAs thus presenting the error mentioned above.<\/p>\n
The most relaxing solution would be to import the local certificate of the virus scanner to Firefox’s certificate storage to have Firefox validate the usage of that certifcate once a secure HTTP connection is established.<\/p>\n
If you have upgraded to Firefox 65 and are seeing errors when browsing the web that state the “Connection is not secure”, then you are most likely affected by this bug and seeing a conflict between the browser and your antivirus software.<\/p>\n
With this said, you have two options that can help you browser the web properly again, but neither option is ideal.<\/p>\n
Option 1: Disable HTTPS scanning in your antivirus software<\/strong><\/p>\n To temporarily fix this issue, you can disable HTTPS scanning in your antivirus program. This is not the recommended solution as you will no longer be protected from malicious SSL web sites.\u00a0<\/p>\n The instructions on how to disable HTTPS scanning is different for each program. Below are various articles that explain how to disable HTTPS scanning:<\/p>\n As Avast and AVG are on the process of pushing out a hotfix to disable HTTPS filtering in their products, you do not need to disable it in their program as that will cause this protection to be disabled for all browers on your computer.<\/p>\n It should be noted that when you disable HTTPS scanning in your antivirus software’s web protection module, you are no longer protected malicious SSL sites. For this reason, we recommend the next option instead.<\/p>\n Option 2: Allows Firefox to use certificates from Windows certificate store<\/strong><\/p>\n By default, Firefox 65 will use only use the certificates in their built in browser certificate store. It is possible, though, to enable the ability to also use the antivirus engine’s certificate that are created in the Windows certificate store to validate other\u00a0web sites certificates.<\/p>\n To enable Firefox to use the certificates installed as a Windows Trusted Certificate Authority, you can enable to the\u00a0security.enterprise_roots.enabled option. To do this, please follow these steps:<\/p>\n\n
![\"\"](\"https:\/\/blog.netspark.de\/wp-content\/uploads\/2019\/02\/avast-certificate.png\")
<\/p>\n\n
![\"\"](\"https:\/\/blog.netspark.de\/wp-content\/uploads\/2019\/02\/security_enterprise_roots_enabled-option-640x353.png\")
<\/a><\/div>\n<\/li>\n