We keep getting the message "This Connection is Untrusted" when we try to access gGoogle and other obviously legitimate websites. How do we solve this problem
We keep getting the message "This Connection is Untrusted" when we try to access Google and other obviously legitimate websites in Firefox. If we use other browsers 9eg. Internet Explorer) , we do not have this problem. How do we solve this? The exact error code is "(Error code: sec_error_cert_signature_algorithm_disabled)
所有回覆 (5)
When you get this for pretty much all secure sites, the problem usually is one of the following:
(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.
(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, ESET, and Kaspersky; AVG has a Search Shield feature which can cause this error on search sites.
(3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: http://windows.microsoft.com/en-us/wi.../turn-off-microsoft-family-settings)
(4) Malware on your system intercepting secure connections.
So... which is it?
If you have any of those specific security products, that would be the first thing to check. We might be able to assist with specific next steps based on what you have if you tell us.
To gather further information, you could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:
Load my test page at: https://jeffersonscher.com/res/jstest.php
You likely will get an error page. Expand the "I understand the risks" section and look for an Add Exception button.
Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.
Click Add Exception, and the certificate exception dialog should open.
Click the View button. If View is not enabled, try the Get Certificate button first.
This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.
By the way, "sec_error_cert_signature_algorithm_disabled" is an extremely rare message when I search through the forum, but yours is the third thread with that code in the past 24 hours. It might be a new malware infection is going around, or a change in Firefox has surfaced something that has been on your system for a while.
Here is the entire text of what we get when we try to open google: This Connection is Untrusted
You have asked Firefox to connect securely to www.google.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
www.google.com uses an invalid security certificate.
The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure.
(Error code: sec_error_cert_signature_algorithm_disabled)
There is no option to say we will take the risk and no button allowing us to add an exception.
Any ideas?
Hi norajohn, Firefox does not offer an option to add an exception for sites that use "strict transport security," like Google.
Did you test on my site?
If you can't inspect the certificate via "I Understand the Risks" then try this:
Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field of this window type or paste the URL of the website.
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate. If necessary then you can attach a screenshot that shows the certificate viewer.
Boot the computer in Windows Safe mode with network support (press F8 on the boot screen) to see if that has effect.