Firefox Error "This Connection is Untrusted" for Gmail - Can't Access Page

Hi All,
I used to get this SSL error in the past and after saying "I Understand the Risks" I could use my gmail page.

Suddenly it has stopped working. The option "confirm security exception" is disabled so I can't do much. Same page works fine under IE.

I am using firefox 4.0.1

Thanks


DBA-000408.png
DBA-000409.png
crazywolf2010Asked:
Who is Participating?
 
ParanormasticCryptographic EngineerCommented:
A couple ideas to troubleshoot, in no particular order (noting crdmendozanet's post just above...):

1) Clear browsing history
2) Disable any add-ons (can always re-enable later)
3) Upgrade FF
4) Try another browser - IE, Opera, Chrome, Safari...
5) The error message says that the full certificate chain was not presented.  Normally the client will only trust the root and will not know about the rest of the CA servers - it gets this info from the server in most cases.  However, you can install the correct certificate into: Tools - Options - Advanced - Encryption - View Certificates - Authorities - Import - (specify the .cer or .crt certificate file).  To get this yourself, select the view certificate button on your exception screen - Details tab - Authority Information Access.  There should be a URL there - copy the entire file and paste it into your browser, then save the file that it asks you to.  This will be the certificate file to import.

I can't view mail.google.com from this location to give you the specific address, but if you get the same thing at https://www.google.com then it may be the same CA certificate.  Here is the link for the issuing certificate that I am seeing from there, issued from the root "Equifax Secure Certificate Authority"

Issuer: Google Internet Authority
http://www.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority.crt

** Note: Take care that you are not getting spoofed!  Look at the certificate link you are about to download.  Look at the certificate after downloading it before you install it - make sure it comes from a root CA that is already trusted (i.e. you do not receive warnings).  This could potentially result from an SSL "man-in-the-middle" attack using a fake certificate.  If you are not sure, post the download link here and if you downloaded it then post the thumbprint/fingerprint/hash value.  Make sure the issuer of the downloaded certificate was not 'DigiNotar'.

0
 
X_layerCommented:
Are date and time correct on your computer?
0
 
DonConsolioCommented:
Press "[Get Certificate]" first, then you can add an exception.

verify the certificate if possible before accepting
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
crazywolf2010Author Commented:
Hi,
That is not possible here.
I used that earlier which worked but now that option is just not enabled. Please see attached images for details.

Thanks
0
 
Christopher Raymond MendozaCommented:
From the menu click 'Start Private Browsing' then test the site again.
0
 
Christopher Raymond MendozaCommented:
0
 
crazywolf2010Author Commented:
Hi,
Under Private Browsing it does work but then I can't use any of my other links.


Used link  http://weblogin.bu.edu/troubleshooting?cmd=ssl, results below.

Troubleshooting Web Login problems
Are we going through a proxy server? (help)

LINELINE
Your browser must pass each test shown below.
1       Are cookies enabled?       PASSED       (help)
2       Is JavaScript enabled?       PASSED       (help)
3       Does SSL encryption work?       PASSED       (help)
4       Do SSL addresses match non-SSL addresses?       PASSED       (help)
0
 
Christopher Raymond MendozaCommented:
Hello crazywolf2010,

Unfortunately you are not alone with this problem. It has been reported and discussed on a few sites. Hopefully these can help:

    http://support.mozilla.com/en-US/questions/751415
    http://support.mozilla.com/en-US/questions/816705
    https://wiki.mozilla.org/Security:Renegotiation
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.