jackjohnson44
asked on
Firefox - This Connection is Untrusted
I am having an issue going to ssl sites using FireFox. This can be seen on https://mail.google.com so I know it isn't a bad certificate. Also my computer clock is correct so please don't post a link about that. I want the issue to be fixed not to create a work around.
Please do not google the title and post links, I have already tried googling the issue.
Thanks!
Please do not google the title and post links, I have already tried googling the issue.
Thanks!
SSharma,
AFAIK, Mozilla browsers have their own certificate storage, they don't use Windows'.
jackjohnson44,
Did you try just reinstall Firefox?
AFAIK, Mozilla browsers have their own certificate storage, they don't use Windows'.
jackjohnson44,
Did you try just reinstall Firefox?
ASKER
I am running windows 7 with everything updated. I can view mail.google.com on chrome and internet explorer without issue. I deleted all internet files, deleted my profile, and cleared the cache. I also deleted all plugins and extensions.
You already did a lot, so uninstall the Firefox and install it again I guess is not a big deal. Can you try that?
ASKER
I just uninstalled, restarted, installed, same issue.
Could you please post the screenshot of the error, make sure to include the address in the address bar is included in the screenshot.
Sudeep
Sudeep
ASKER
Here is my screen shot. I didn't show the full address since I believe it is some hashed key to my account. If I go to mail.google.com I can sign in, then I am redirected to the https site which gives me an error.
Capture.PNG
Capture.PNG
I would doubt if there is any plugin which might is causing this.
Could you please run OTL and post the logs?
OTL by OldTimer is a flexible, multipurpose, diagnostic, and malware removal tool. It's useful for identifying changes made to a system by spyware, malware and other unwanted programs. It creates detailed reports of registry and file settings, and also includes advanced tools and scripting ability for manual removing malware.
Download:
http://oldtimer.geekstogo.com/OTL/OTL.exe
Alternate downloads and locations:
Sometimes malware will block OTL.exe by name, or all executables. In that case try one of these alternatives.
OTL.com: http://oldtimer.geekstogo.com/OTL.com
OTL.scr: http://oldtimer.geekstogo.com/OTL.scr
Mirrors:
OTL.com: http://www.itxassociates.com/OT-Tools/OTL.com
OTL.scr: http://www.itxassociates.com/OT-Tools/OTL.scr
OTL.exe: http://www.itxassociates.com/OT-Tools/OTL.exe
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
Sudeep
Could you please run OTL and post the logs?
OTL by OldTimer is a flexible, multipurpose, diagnostic, and malware removal tool. It's useful for identifying changes made to a system by spyware, malware and other unwanted programs. It creates detailed reports of registry and file settings, and also includes advanced tools and scripting ability for manual removing malware.
Download:
http://oldtimer.geekstogo.com/OTL/OTL.exe
Alternate downloads and locations:
Sometimes malware will block OTL.exe by name, or all executables. In that case try one of these alternatives.
OTL.com: http://oldtimer.geekstogo.com/OTL.com
OTL.scr: http://oldtimer.geekstogo.com/OTL.scr
Mirrors:
OTL.com: http://www.itxassociates.com/OT-Tools/OTL.com
OTL.scr: http://www.itxassociates.com/OT-Tools/OTL.scr
OTL.exe: http://www.itxassociates.com/OT-Tools/OTL.exe
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
Sudeep
What does the "Technical Details" section in your screenshot say?
Try to compare the certificates in the Firefox and IE (windows). Are there any differences in the google site certificate and the list of the CA in both places?
Try to compare the certificates in the Firefox and IE (windows). Are there any differences in the google site certificate and the list of the CA in both places?
ASKER
ASKER
zc2, here are the tech details
mail.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
(Error code: sec_error_unknown_issuer)
mail.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
(Error code: sec_error_unknown_issuer)
If you open the list of Firefox's CA certificates (Tools->Options->Advanced- >Certifica tes->View Certificates->Authorities) , can you see the "GeoTrust Global CA" certificate in the list?
ASKER
Sorry for the late reply. I didn't notice you commented. Yes, I see that in the list. Under the column "Security Device" it says "Builtin Object Token".
Did you try this:
The file cert8.db in your profile folder may have become corrupted. Delete this file while Firefox is closed.(from here)
Open your profile folder:
At the top of the Firefox window, click on the Firefox button, go over to the Help menu and select Troubleshooting Information. The Troubleshooting Information tab will open.
Under the Application Basics section, click on Show Folder. A window with your profile files will open.
Note: If you are unable to open or use Fire¿fox, follow the instructions in Finding your profile without opening Firefox.
At the top of the Firefox window, click on the Firefox button and then select Exit
Click on the file named cert8.db.
Press Delete.
Restart Firefox.
cert8.db will be recreated when you restart Firefox. This is normal.
ASKER
Thanks but that didn't work. I also tried the "Reset Firefox" option under the troubleshooting area and still didn't have any luck. I also uninstalled and re-installed FF with no luck.
I'm sending you my certificate chain for mail.google.com.
Could you please open it and compare the certificate, the Google G2 CA certificate and the GeoTrust CA certificate with the same on your Firefox?
Rename the file from .txt to .crt and double click on it to open into a viewer.
Yo can also export your mail.google.com certificate and post it here.
mail.google.crt.txt
Could you please open it and compare the certificate, the Google G2 CA certificate and the GeoTrust CA certificate with the same on your Firefox?
Rename the file from .txt to .crt and double click on it to open into a viewer.
Yo can also export your mail.google.com certificate and post it here.
mail.google.crt.txt
ASKER
When I open the certificate on mail.google.com (not the one you sent), I can see the company where I am working from as the name of the Issued By Common name, and organization. Is this the issue?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I wasn't able to find an answer so I am just going to switch to using Chrome from now on.
Sudeep