Firefox Security Certificate reports mixed content on secure page: Production & Nightly

Similar Messages

• Firefox won't open my PayPal account. There is a message about security certificates

  I am having a lot of trouble with security certificates for different sites. Messages keep coming up about invalid security certificates and it isn't true. I have to check my PayPal account and I can't get into it. eBay also register as invalid security certificates.

  Make sure that your security software isn't intercepting secure connections and send its own certificate.
  You can retrieve the certificate and check who issued the certificate.
  * Click the link at the bottom of the error page: "I Understand the Risks"
  Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".
  * Click the "View..." button to inspect the certificate and check who is the issuer and other details.

• Firefox is showing a grey globe for secure site when other browsers are showing a lock icon.

  We have several sites that have SSL Certificates. When the website switches to HTTPS, Firefox still shows our pages with a grey globe. Sites (like Amazon) are showing they are secure displaying HTTPS pages. Other browsers are displaying our pages secure like they should.

  a grey globe should only be shown for a "secure" page when there's mixed content on that page
  https://blog.mozilla.org/ux/2012/06/site-identity-ui-updates/
  https://developer.mozilla.org/en-US/docs/Security/MixedContent

• Firefox 23 and mixed content

  The Firefox 23 release notes claim that mixed content pages are now blocked. The Mozilla Messaging Forum for Thunderbird support has mixed content, but it is not blocked. Why say that sites with mixed content are blocked if they are not? The URL:
  http://getsatisfaction.com/mozilla_messaging/topics

  Firefox has two prefs to control mixed content.
  *security.mixed_content.block_active_content
  *security.mixed_content.block_display_content
  Only block_active_content is currently set to true by default. block_display_content is still false, so thing like images aren't blocked.
  *Web Console (Firefox/Tools > Web Developer;Ctrl+Shift+K)
  *https://developer.mozilla.org/en/Security/MixedContent
  *http://kb.mozillazine.org/about:config
  <pre><nowiki>Blocked loading mixed display content "http://www.mozilla.org/thunderbird/img/tb5/page-background.png" @ https://getsatisfaction.com/mozilla_messaging/topics
  Blocked loading mixed display content "http://www.mozilla.org/thunderbird/img/tb5/title.png" @ https://getsatisfaction.com/mozilla_messaging/topics
  Blocked loading mixed display content "http://mozilla.org/img/covehead/template/title.png" @ https://getsatisfaction.com/mozilla_messaging/topics</nowiki></pre>

• Cannot login to secure banking website - Chase - Security Certificates?

  I cannot find another post by anyone who is having this problem.
  At the login web page for Chase, here: https://chaseonline.chase.com
  I do not have autocaps or caps lock on. I have been very meticulous when entering my password, many times, with no luck.
  This site works fine for Safari on my PowerBook. It must be something to do with security certificates. However, many other secure sites have no problems.
  Has anyone else been successful with logging into their bank account? (at Chase)

  I just logged on to mine for the first time today. It told me I needed a code to enter as it detected I was logging in from a different computer. I asked it to send the code via SMS to my iPhone. It sent the code in about 30 secs. I entered the code and voila, I was on. But I used Safari and just plugged in www.chase.com

• Firefox reporting bad security certificates

  All of a sudden, Firefox is reporting "bad security certificate" for a number of websites--including Mozilla's!! I am using version 6.0.
  The problem is worst on Google+. I added exceptions for the security certificate issues, but Firefox will not load any photos at all anymore for Google+. This is not an issue with IE on the same computer. This problem has been occurring only for the last three days.

  I had already read that article, performed the recommended actions, and upgraded to 6.0.1. Unfortunately this has not solved anything. In addition to Google+, other https websites are having the same problem: Vanguard, Yahoo Mail, etc. This is happening across three of my computers, only on Firefox. When I use IE on the same computers to navigate to the same sites, no problems are occurring. I have tested both work and home PCs and it is happening no matter where I connect from.

• A fix for the Mozilla Firefox SSL Certificate Validation Security Weakness vulnerability? This appears to be an issue with not revalidating certificates when loading HTTPS pages from cache.

  We have to close vulnerabilities for PCI & Cybertrust certification. We have upgraded users running Firefox to version 7.0.1 but we are still receiving the message: Mozilla Firefox SSL Certificate Validation Security Weakness. Researching the issue, it appears to be related to certificates not being revalidated when loading HTTPS pages from cache. The bug report I found is:
  Bug 660749 - Firefox doesn't (re)validate certificates when loading a HTTPS page from the cache

  cookies.squite answer is Today at 5:15 PM .
  New profile, same problem.
  We've already established it is not a add-ons problem but obviously there will be less add-ons in this new profile to help exclude.
  Since there is two PC profiles on the PC, I tried the second profile, same problem. Used the RESET FF function on the second PC profile...same thing...even followed the instruct for uninstall &re-install...same problem.
  (3) different virus scanners, no hard core problems.
  Suspect how I have something in Windows setup that no one else is using?

• Firefox (21.0) won't accept the security certificate for Twitter & won't let me add an exception.

  My mother was having problems with her computer on the Internet and had to reset the modem. Problem was, I was on the Internet at the time using Twitter. She reset the modem, I thought everything was okay, but now Firefox isn't letting me access Twitter at all because of the security certificate. Here's the error message:
  This Connection is Untrusted
  You have asked Firefox to connect
  securely to twitter.com, but we can't confirm that your connection is secure.
  Normally, when you try to connect securely,
  sites will present trusted identification to prove that you are
  going to the right place. However, this site's identity can't be verified.
  What Should I Do?
  If you usually connect to
  this site without problems, this error could mean that someone is
  trying to impersonate the site, and you shouldn't continue.
  twitter.com uses an invalid security certificate.
  The certificate is not trusted because the issuer certificate is not trusted.
  The certificate is only valid for gateway.2wire.net
  (Error code: sec_error_untrusted_issuer)
  gatway.2wire.net is the default error page for my modem, if the Internet is not working at all. I think the problem here is that now Firefox thinks the legitimate site for Twitter is the error page and not, well, Twitter.com. Also, I'm not getting any "add exception" option. How do I fix this?

  Clear the cache and the cookies from websites that cause problems.
  "Clear the Cache":
  *Firefox/Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
  "Remove Cookies" from sites causing problems:
  *Firefox/Tools > Options > Privacy > Cookies: "Show Cookies"

• How can I display content blocked by an invalid security certificate?

  I am using Firefox 30.0 which I installed to replace IE8. I log in to my health insurance site. When I try to go to the Provider Directory Search (PDS), nothing happens. I thought the PDS might be a pop-up so I tried both making the web page a pop-up exception and then also just turning the pop up blocker off completely. Neither helped.
  I then tried to access the same PDS page via IE8 and IE8 displayed a “Content was blocked because it was not signed by a valid security certificate” error page. Also, IE8 displayed a bar with options that allowed me to display blocked content regardless of the status of the security certificate. The PDS page then displayed.
  I went back to FF30 and tried again. The PDS page did not display and no error message nor options bar was displayed. Next, I tried finding an option related to this problem. Options/Security had nothing for Security Certificates. Options/Advanced/Security seemed to deal with security certificates my copy of FF30 would provide to web sites and not the web sites certificates provided to me. I tried clicking on the “lock” icon of the page from which I should be transferred to the PDS page. The security certificate information displays but I could not see any option that would help me and this is the security certificate from the previous page anyway and not the PDS page that is being blocked.
  If I could just get a Security Certificate error to display, I was hoping I would then be given the option of displaying the blocked content anyway. Without even an FF30 error condition being displayed (as does IE8), I am unable to proceed.
  Ideas about what to try would be greatly appreciated. Thanks, Claude

  You can inspect the certificate chain via a site like this:
  *http://www.networking4all.com/en/support/tools/site+check/

• Message for an invalid security certificate keeps popping up when I open firefox

  "fvd.kallout.com: 443 uses an invalid security certificate
  the certificate expired on 5/31/11
  this could be a problem with the servers configuration or it could be someone trying to impersonate the server
  if you have connected to the server successfully in the past the error may be temporary and you can try again later"
  This is what opens on my screen every time I have opened Firefox today. If I hit "cancel" the window closes, but I do not know what it means or how to permanently clear it, or if someone is trying to use my system illegally.
  Can you please tell me what my best next course of action is?
  Thank you,
  cemerrick

  The "<b>Fast Video Download</b>" extension has been reported to cause this issue.
  *Fast Video Download: https://addons.mozilla.org/firefox/addon/fast-video-download-with-searc/

• When I try to download the latest version of iTunes on my iPod Classic I get the message that "iTunes has an invalid signature" and that "Content was blocked because it was not signed by a valid security certificate.  Anyone know how to fix this?

  When I try to download the latest version of iTunes from apple.com, I get the message "Content was blocked because it was not signed by a valid security certificate."When I open iTunes and try to download the latest version there, I get the message "iTunes has an invalid signature.  The download has been removed."  I have also gotten an Internet Script Error stating that an error has occured in Line 0, Char O and that "Access is denied to images.apple.com/global/scripts/lib/iepngfix.htc."  This problem has never occurred with earlier versions of ITunes.  Anyone know how to fix this problem? 

  Are you downloading iTunes form an Apple website or somewhere else? If the answer is somewhere else, try downloading it from Apple. Click on iTunes in the black menu bar above and go from there.
  Let us know what happens.

• After upgrading to Firefox 10.0.2 there is no way to proceed to a website with an invalid security certificate. How do you proceed to these websites in the new release? The fault page only has a button that says "Try again."

  Using Firefox 10.0.2 for Mac.
  In trying to proceed to various websites (corporate such as dlnet.delta.com (expired certificate), government such as https://www.homeport.navy.mil/links/owa-navy-links/ ) with "invalid" security certificates, Firefox 10.0.2 does not have a button on the error page to continue on to the website. How can you do this using Firefox 10.0.2? I have not found any settings in Firefox preferences to enable this capability either.
  Thx.

  Start Firefox in <u>[[Safe Mode]]</u> to check if one of the extensions or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance/Themes).
  *Don't make any changes on the Safe mode start window.
  *https://support.mozilla.org/kb/Safe+Mode
  *https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes

• I cannot download software or export secure Certificate from Firefox, but can with Internet Explorer. This is crucial for meeting a deadline with an international patent Filing Today. Pls help - 555-555-5555. Sheldon

  I tried to download an e-filing client software from the World Intellectual Property Organization (WIPO) website [http://www.wipo.int/pct-safe/en/download/download_client.htm] using Firefox. Clicking the link to download yielded no activity. I eventually tried the same link in internet explorer and it worked. This occurred last week. I have a deadline to complete an international patent filing today; and in order to do so online, I had to request a Secure Digital ID from WIPO. It was approved and received early this morning (Central European Time Zone); and the accompanying guidelines suggested that I use the same computer and browser to retrieve the ID. This meant that since I use Firefox as my default browser my request was also made and had to be retrieved in Firefox. Following the WIPO support instructions I ran into exactly the same problem of inactivity when trying to "Backup" my newly installed ID certificate per WIPO instruction, so that it may be imported into the e-filing software. Please help as soon as you can as my patent deadline is merely hours away. Please also see a response from the WIPO helpdesk below:
  Dear User,
  we hereby provide the following solution / answer to your request:
  Subject: Certificates (use of and different types)/26708 Answer from PCT-SAFE Help Desk:
  Unfortunately, apart from revoking your new certificate and then re-enrolling using Internet Explorer, I do not see many options.
  We cannot do support for external software, like Firefox, but I had a quick glance at Mozilla's support side and it seems that you might be able to resolve your problem by starting Firefox in safe mode, and/or disabling all your Firefox extensions. I have to stress the fact that this is not a procedure tested and approved by the PCT-SAFE team.
  As this is an extremely time-sensitive issue please also contact me by phone so that we can work through the solution in real-time. I can be reached at 555-555-555 - Sheldon
  '''Moderator edit: Removed personal information. This is a public forum. Please do not post any personal information as it may put your safety at risk -FF4L'''
  == This happened ==
  Every time Firefox opened
  == Attempting to download from a secure server

  Just to follow up on my findings. My last issue regarding the digital certificate was not at the time of initial download into Firefox, but my application required that I backup the certificate into a folder which can then be accessed to sign a submission generated by a third-party Client software.
  After finally steering away from the digital signing route by opting for a non digital filing of my project, I later revisited the Firefox certificates list only to find that the 'Backup' button still didn't work or respond in any way whatsoever; however since I only had a single certificate on my list... I threw my hand up in the air and tried the 'Backup All' button... guess what - that worked!! My browser then navigated to a file browser which allowed me to save the certificate to a folder of my choice. Of course this was after the fact as my deadline had already passed and and I had the Administrator who initially granted my secure ID revoke it once I was blocked from downloading it by Firefox.
  Just an update/FYI for y'all... But I'm not sure if this type of anomoly is due to a glitch on my computer or a glitch on the browser - but it certainly did catch me off-guard during a deadline.

• Invalid security certificate for my website host-they say the problem is Apple Safari and use Firefox instead

  For the past few days, I keep getting an invalid security certificate in Safari whenever I select Edit My Site from my website homepage (http://annaporterartist.com), or whenever I select anything requiring a secure log in from my website host main page (FASO.com). I have contacted technical support at my website host (fineartstudioonline.com) and they say that this has been an intermittently recurring problem in Safari for years and they recommend that I use Firefox instead. As proof of this they emailed a link to an Apple Support discussion, but it was for Mac OS X Lion v 10.7.4 and Safari 5.1, even though I told them I am using Mac OS X Mountain Lion v 10.8.2 and Safari 6.0.2. I do not get this error message anywhere else on the web using Safari. I did try Firefox and it seems to work fine, but I prefer Safari and I want to know why Safari is not working as it should be. I am concerned that there is a real security problem with my website host and I need someone to explain why I am getting this error message, what it means, and if it is, in fact, a known problem with Safari or is my website host corrupted? Really tired of technical support playing pass the buck or pretending the problem does not exist.
  The specific error message is:
  Their response to my inquiry and my reply is shown below:

  Back up all data.
  Launch the Keychain Access application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Keychain Access in the icon grid.
  From the menu bar, select
  Keychain Access ▹ Preferences ▹ Certificates
  There are three menus in the window. What is selected in each of them?

• I have a server runnng on Mac OS 9.2.2 with a secure certificate from Verisign. Apparently some Firefox users get a message warning that the issuer is unknown to them. Verisign is perhaps the best-known issuer of certificates

  Note: I am in the process of moving the site to our central server so all pages, with the exception of the secure ones and the homepage, are redirected. See https://www.homelink-usa.com/secure/subscribe/subscribe.lasso which is secure and, in my browser Firefox 3.6.13, the location window is blue just like your site that I am typing on. The certificate expires on March 20, 2011.
  I do not get the error message on any of my machines or browsers.
  Karl
  This Connection is Untrusted
  You have asked Firefox to connect securely to *www.homelink-usa.com*,
  but we can't confirm that your connection is secure.
  Normally, when you try to connect securely, sites will present trusted
  identification to prove that you are going to the right place. However,
  this site's identity can't be verified.
  What Should I Do?
  If you usually connect to this site without problems, this error could
  mean that someone is trying to impersonate the site, and you shouldn't
  continue.
  Technical Details
  www.homelink-usa.com uses an invalid security certificate. The
  certificate is not trusted because the issuer certificate is unknown.
  (Error code: sec_error_unknown_issuer)
  I Understand the Risks
  If you understand what's going on, you can tell Firefox to start
  trusting this site's identification. *Even if you trust the site, this
  error could mean that someone is tampering with your connection.*
  Don't add an exception unless you know there's a good reason why this
  site doesn't use trusted identification.

  Might have a hardware issue that was caused by the minor liquid spill.
  Take it to Apple to have them look at it.  I think they do a free diagnostics.  That way you can find out what's wrong with your MB.
  Good luck....Hope you get it sorted out.