Your Connection is not secure

[Loboron]

Ever since Mozilla "Firefox" updated, almost all my attempts to connect to other URL's or download files or programs, including trying to Login here.(I'm currently using Chrome) I get "Your connection is not secure"

 

Anyone here experience this or know how to fix it.  I've completely uninstalled Firefox 3 times including all the data file folders.  I've tried to install older versions and then the new 5.0 Beta to no avail.  On a Google search no one seems to have a fix...

 

Any help or advice would be appreciated.

 

Thanks.... Ron

[Jordan]

11 minutes ago, Loboron said:

Any help or advice would be appreciated.

 

Read this article first if it can help you solve this issue : https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER

if not, other members can post other solutions....

[macnavarra]

check if you´re DNS client service is started. Could be the problem for registering you´re device on the internet. also date and time.

[Loboron]

49 minutes ago, jordan4x said:

 

Read this article first if it can help you solve this issue : https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER

if not, other members can post other solutions....

 

The site listed ESET and the fix.. however my setup was exactly as they suggested... didn't fix..

Thank you for the reply

[Loboron]

1 hour ago, macnavarra said:

check if you´re DNS client service is started. Could be the problem for registering you´re device on the internet. also date and time.

 

Did this and it says Running.

 

Any other ideas... this just started yesterday.. I made no changes or additions. Chrome is working perfectly.

[Loboron]

This what I received when I tried to logon to nsane:

 

Your connection is not secure

The owner of www.nsaneforums.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Learn more…

Report errors like this to help Mozilla identify and block malicious sites

[visualbuffs]

2 hours ago, Loboron said:

Ever since Mozilla "Firefox" updated, almost all my attempts to connect to other URL's or download files or programs, including trying to Login here.(I'm currently using Chrome) I get "Your connection is not secure"

 

Anyone here experience this or know how to fix it.  I've completely uninstalled Firefox 3 times including all the data file folders.  I've tried to install older versions and then the new 5.0 Beta to no avail.  On a Google search no one seems to have a fix...

 

Any help or advice would be appreciated.

 

Thanks.... Ron

 

2 hours ago, Loboron said:

 

 

 

 

check your time and date dude

[Loboron]

4 minutes ago, visualbuffs said:

 

 

 

 

 

check your time and date dude

 

The time and date is correct for my time zone.... thanks for the reply

[Kalju]

Certificate is installed correctly  
*(Please delete, if is not recommended that the information is available here.)

www.nsaneforums.com

•    This is not a Symantec certificate.
•    Please contact the Certificate Authority for further verification.

1. Symantec Info:

Spoiler

Certificate information

 

This server uses a Domain Validated (DV) certificate. No information about the site owner has been validated. Data is protected, but exchanging personal or financial information is not recommended.

Common name:

 sni27985.cloudflaressl.com

SAN:

 sni27985.cloudflaressl.com, *.bigfilmxjo.gq, *.cannaesthesia.com, *.cordenthia.com, *.discoveregyptdesert.com, *.hdcinemaqyf.ga, *.imjon.co.uk, *.innopage.com, *.iovo.pl, *.movietimelenm.gq, *.movietvept.ga, *.movietvjqe.gq, *.nsanedown.com, *.nsaneforums.com, *.rottentomatoesnpd.ga, *.sscccix.com, *.tamilmoviemp3.com, bigfilmxjo.gq, cannaesthesia.com, cordenthia.com, discoveregyptdesert.com, hdcinemaqyf.ga, imjon.co.uk, innopage.com, iovo.pl, movietimelenm.gq, movietvept.ga, movietvjqe.gq, nsanedown.com, nsaneforums.com, rottentomatoesnpd.ga, sscccix.com, tamilmoviemp3.com

 

Valid from:

 2016-Sep-20 00:00:00 GMT

Valid to:

 2017-Mar-26 23:59:59 GMT

 

Certificate status:

 Valid

Revocation check method:

 OCSP

Organization:

 

Organizational unit:

 PositiveSSL Multi-Domain,Domain Control Validated

City/locality:

 

State/province:

 

Country:

 

Certificate Transparency:

 Not embedded in certificate

 

Serial number:

 f9fcc3869f7683a2487e4ae5c834ddf1

Algorithm type:

 SHA256withECDSA

Key size:

 256

Certificate chain

Show details

 

• COMODO ECC Certification AuthorityIntermediate certificate
  • COMODO ECC Domain Validation Secure Server CA 2Intermediate certificate
    • sni27985.cloudflaressl.comTested certificate

Server configuration

 

Host name:

 104.28.10.23

Server type:

 cloudflare-nginx

IP address:

 104.28.10.23

Port number:

 443

 

Protocols enabled:

 

TLS1.2

 

TLS1.1

 

TLS1.0

 

 

Protocols not enabled:

 

SSLv3

 

SSLv2

 

Secure Renegotiation:

 Enabled

Downgrade attack prevention:

 Enabled

Next Protocol Negotiation:

 Enabled

Session resumption (caching):

 Enabled

Session resumption (tickets):

 Enabled

Strict Transport Security (HSTS):

 Not Enabled

SSL/TLS compression:

 Not Enabled

Heartbeat (extension):

 Not Enabled

RC4:

 Not Enabled

OCSP stapling:

 Enabled

 

Vulnerabilities checked:

 

Heartbleed

 

Poodle (TLS)

 

Poodle (SSLv3)

 

FREAK

 

BEAST

 

CRIME

 

 

Cipher suites enabled:

 

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xC008)
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009)
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A)
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xC023)
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xC024)
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B)
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C)

 

2. COMODO Info:

Spoiler

SSL Checker

 

This SSL Checker will help you diagnose problems with your SSL certificate installation. You can verify the SSL certificate on your web server to make sure it is correctly installed, valid, trusted and doesn't give any errors to any of your users. To use the SSL Checker, simply enter your server's hostname (must be public) in the box below and click the Check SSL button. If you need an SSL certificate, check out the SSL Wizard.

More Information About the SSL Checker

https://www.sslshopper.com/ssl-checker.html#hostname=www.nsaneforums.com

	www.nsaneforums.com resolves to 104.28.11.23
	Server Type: cloudflare-nginx
	The certificate should be trusted by all major web browsers (all the correct intermediate certificates are installed).
	The certificate was issued by Comodo.   Write review of Comodo
	The certificate will expire in 151 days. Remind me
	The hostname (www.nsaneforums.com) is correctly listed in the certificate.

	Common name: sni27985.cloudflaressl.com SANs: sni27985.cloudflaressl.com, *.bigfilmxjo.gq, *.cannaesthesia.com, *.cordenthia.com, *.discoveregyptdesert.com, *.hdcinemaqyf.ga, *.imjon.co.uk, *.innopage.com, *.iovo.pl, *.movietimelenm.gq, *.movietvept.ga, *.movietvjqe.gq, *.nsanedown.com, *.nsaneforums.com, *.rottentomatoesnpd.ga, *.sscccix.com, *.tamilmoviemp3.com, bigfilmxjo.gq, cannaesthesia.com, cordenthia.com, discoveregyptdesert.com, hdcinemaqyf.ga, imjon.co.uk, innopage.com, iovo.pl, movietimelenm.gq, movietvept.ga, movietvjqe.gq, nsanedown.com, nsaneforums.com, rottentomatoesnpd.ga, sscccix.com, tamilmoviemp3.com Valid from September 19, 2016 to March 26, 2017 Serial Number: f9fcc3869f7683a2487e4ae5c834ddf1 Signature Algorithm: ecdsa-with-SHA256 Issuer: COMODO ECC Domain Validation Secure Server CA 2
	Common name: COMODO ECC Domain Validation Secure Server CA 2 Organization: COMODO CA Limited Location: Salford, Greater Manchester, GB Valid from September 24, 2014 to September 24, 2029 Serial Number: 5b25ce6907c4265566d3390c99a954ad Signature Algorithm: ecdsa-with-SHA384 Issuer: COMODO ECC Certification Authority
	Common name: COMODO ECC Certification Authority Organization: COMODO CA Limited Location: Salford, Greater Manchester, GB Valid from May 30, 2000 to May 30, 2020 Serial Number: 4352023ffaa8901f139fe3f4e5c1444e Signature Algorithm: sha384WithRSAEncryption Issuer: AddTrust External CA Root

 

[Loboron]

16 minutes ago, Kalju said:

Certificate is installed correctly  
*(Please delete, if is not recommended that the information is available here.)

www.nsaneforums.com

•    This is not a Symantec certificate.
•    Please contact the Certificate Authority for further verification.

1. Symantec Info:

  Reveal hidden contents

Certificate information

 

This server uses a Domain Validated (DV) certificate. No information about the site owner has been validated. Data is protected, but exchanging personal or financial information is not recommended.

Common name:

 sni27985.cloudflaressl.com

SAN:

 sni27985.cloudflaressl.com, *.bigfilmxjo.gq, *.cannaesthesia.com, *.cordenthia.com, *.discoveregyptdesert.com, *.hdcinemaqyf.ga, *.imjon.co.uk, *.innopage.com, *.iovo.pl, *.movietimelenm.gq, *.movietvept.ga, *.movietvjqe.gq, *.nsanedown.com, *.nsaneforums.com, *.rottentomatoesnpd.ga, *.sscccix.com, *.tamilmoviemp3.com, bigfilmxjo.gq, cannaesthesia.com, cordenthia.com, discoveregyptdesert.com, hdcinemaqyf.ga, imjon.co.uk, innopage.com, iovo.pl, movietimelenm.gq, movietvept.ga, movietvjqe.gq, nsanedown.com, nsaneforums.com, rottentomatoesnpd.ga, sscccix.com, tamilmoviemp3.com

 

Valid from:

 2016-Sep-20 00:00:00 GMT

Valid to:

 2017-Mar-26 23:59:59 GMT

 

Certificate status:

 Valid

Revocation check method:

 OCSP

Organization:

 

Organizational unit:

 PositiveSSL Multi-Domain,Domain Control Validated

City/locality:

 

State/province:

 

Country:

 

Certificate Transparency:

 Not embedded in certificate

 

Serial number:

 f9fcc3869f7683a2487e4ae5c834ddf1

Algorithm type:

 SHA256withECDSA

Key size:

 256

Certificate chain

Show details

 

• COMODO ECC Certification AuthorityIntermediate certificate
  • COMODO ECC Domain Validation Secure Server CA 2Intermediate certificate
    • sni27985.cloudflaressl.comTested certificate

Server configuration

 

Host name:

 104.28.10.23

Server type:

 cloudflare-nginx

IP address:

 104.28.10.23

Port number:

 443

 

Protocols enabled:

 

TLS1.2

 

TLS1.1

 

TLS1.0

 

 

Protocols not enabled:

 

SSLv3

 

SSLv2

 

Secure Renegotiation:

 Enabled

Downgrade attack prevention:

 Enabled

Next Protocol Negotiation:

 Enabled

Session resumption (caching):

 Enabled

Session resumption (tickets):

 Enabled

Strict Transport Security (HSTS):

 Not Enabled

SSL/TLS compression:

 Not Enabled

Heartbeat (extension):

 Not Enabled

RC4:

 Not Enabled

OCSP stapling:

 Enabled

 

Vulnerabilities checked:

 

Heartbleed

 

Poodle (TLS)

 

Poodle (SSLv3)

 

FREAK

 

BEAST

 

CRIME

 

 

Cipher suites enabled:

 

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xC008)
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009)
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A)
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xC023)
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xC024)
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B)
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C)

 

2. COMODO Info:

  Reveal hidden contents

SSL Checker

 

This SSL Checker will help you diagnose problems with your SSL certificate installation. You can verify the SSL certificate on your web server to make sure it is correctly installed, valid, trusted and doesn't give any errors to any of your users. To use the SSL Checker, simply enter your server's hostname (must be public) in the box below and click the Check SSL button. If you need an SSL certificate, check out the SSL Wizard.

More Information About the SSL Checker

https://www.sslshopper.com/ssl-checker.html#hostname=www.nsaneforums.com

	www.nsaneforums.com resolves to 104.28.11.23
	Server Type: cloudflare-nginx
	The certificate should be trusted by all major web browsers (all the correct intermediate certificates are installed).
	The certificate was issued by Comodo.   Write review of Comodo
	The certificate will expire in 151 days. Remind me
	The hostname (www.nsaneforums.com) is correctly listed in the certificate.

	Common name: sni27985.cloudflaressl.com SANs: sni27985.cloudflaressl.com, *.bigfilmxjo.gq, *.cannaesthesia.com, *.cordenthia.com, *.discoveregyptdesert.com, *.hdcinemaqyf.ga, *.imjon.co.uk, *.innopage.com, *.iovo.pl, *.movietimelenm.gq, *.movietvept.ga, *.movietvjqe.gq, *.nsanedown.com, *.nsaneforums.com, *.rottentomatoesnpd.ga, *.sscccix.com, *.tamilmoviemp3.com, bigfilmxjo.gq, cannaesthesia.com, cordenthia.com, discoveregyptdesert.com, hdcinemaqyf.ga, imjon.co.uk, innopage.com, iovo.pl, movietimelenm.gq, movietvept.ga, movietvjqe.gq, nsanedown.com, nsaneforums.com, rottentomatoesnpd.ga, sscccix.com, tamilmoviemp3.com Valid from September 19, 2016 to March 26, 2017 Serial Number: f9fcc3869f7683a2487e4ae5c834ddf1 Signature Algorithm: ecdsa-with-SHA256 Issuer: COMODO ECC Domain Validation Secure Server CA 2
	Common name: COMODO ECC Domain Validation Secure Server CA 2 Organization: COMODO CA Limited Location: Salford, Greater Manchester, GB Valid from September 24, 2014 to September 24, 2029 Serial Number: 5b25ce6907c4265566d3390c99a954ad Signature Algorithm: ecdsa-with-SHA384 Issuer: COMODO ECC Certification Authority
	Common name: COMODO ECC Certification Authority Organization: COMODO CA Limited Location: Salford, Greater Manchester, GB Valid from May 30, 2000 to May 30, 2020 Serial Number: 4352023ffaa8901f139fe3f4e5c1444e Signature Algorithm: sha384WithRSAEncryption Issuer: AddTrust External CA Root

 

 

It's not me questioning the certificates... it's Firefox.... when I click on the attached files in your COMODO attachment.  each one says "Connection not secure"   I'm just looking for a FIX for this issue.  Thank you for the reply.. frustrating

[Kalju]

4 minutes ago, Loboron said:

 

It's not me questioning the certificates... it's Firefox.... when I click on the attached files in your COMODO attachment.  each one says "Connection not secure"   I'm just looking for a FIX for this issue.  Thank you for the reply.. frustrating

• Give some examples, I'll look on it.
• Do I understand correctly, only Firefox says, that connection is not secure?

[Loboron]

9 minutes ago, Kalju said:

• Give some examples, I'll look on it.
• Do I understand correctly, only Firefox says, that connection is not secure?

 

Yes, it's only Firefox, and it just started yesterday... I haven't added or deleted any flies or programs.

Here's an example url  https://www.windyty.com/?19.560,-108.896,5  It's marine weather / wind site I use daily.

 

I've found that if I click on ADVANCED when the notice is displayed... I can now make an exception.

However I'm receiving a new alert, when I click on a news link in Fox news is says:

being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…

[Kalju]

Here is the info:   www.windyty.com ,  I do not have problems.
Valid from: 2014-Dec-02 04:50:37 GMT
Valid to: 2016-Dec-04 10:38:45 GMT
Source: 

https://www.sslshopper.com/ssl-checker.html#hostname=www.windyty.com

https://cryptoreport.websecurity.symantec.com/checker/

Spoiler

 

Warnings

SSLv3

Your server's encryption settings are vulnerable. This server uses the SSLv3 protocol, which is not secure. 

More information.

RSA remove cross certificates

The certificate chain contains a cross root (primary intermediate) certificate that should be removed. Use Symantec CryptoReport to remove cross root certificates.

 

This server is vulnerable to:

Poodle (SSLv3 protocol)

This server is vulnerable to a Poodle (SSLv3) attack. 

More information. 

 

 

 

 

[Loboron]

Are you using Firefox?   I'm at a loss.. this just started yesterday and only with Firefox...

 

Thank you for your help.

 

Ron

[Kalju]

I used both of them at the moment, ie Firefox 49.0.2 64-bit and Chrome current 64-bit.

And no problems.

[Loboron]

You think a system restore might work?

[Kalju]

Not think so, maybe, but I think, there is something else. It is probably some settings, maybe the Firefox user data is damaged, but not sure.

There is possible very different reasons. Difficult to diagnose exactly.

[Israeli_Eagle]

1 hour ago, Loboron said:

You think a system restore might work?

 

No, because user data are never restored.

Try to create a new Firefox Profile!

http://kb.mozillazine.org/Creating_a_new_Firefox_profile_on_Windows

If the new one works normally that means your old one was badly damaged or hacked.

 

[Israeli_Eagle]

3 hours ago, Loboron said:

 

Yes, it's only Firefox, and it just started yesterday... I haven't added or deleted any flies or programs.

Here's an example url  https://www.windyty.com/?19.560,-108.896,5  It's marine weather / wind site I use daily.

 

I've found that if I click on ADVANCED when the notice is displayed... I can now make an exception.

However I'm receiving a new alert, when I click on a news link in Fox news is says:

being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…

 

The website works totally normal and the certs are valid. (I always use only FF!)

But this error smells for me as a (bad) Proxy or (bad) addon...

 

[knowledge-Spammer]

Loboron

  its not your pc or firefox its the site

u mean this right

[DKT27]

You guys really need to read when I post some important information:

 

On 22/10/2016 at 3:58 AM, DKT27 said:

Update: This is to notify all the members / visitors of the forums to switch back to non-HTTPS version of the forums. HTTPS introduced too many problems on the forums and it's implementation remains broken as of now.

 

If switching to non-HTTPS is not working, the only way to fix it is to clear one's browser cache and try the non-HTTPS address again.

 

HTTPS on FP - nsane.down remains enabled as of now here.

 

So yes, stop using the HTTPS version of nsane.forums, the forums break if HTTPS is enabled. Try the non-HTTPS version and see. The frontpage - nsane.down should not have any problems though.

[Loboron]

OK... I fixed that for here, but there's other sites that I can't load unless I click ADVANCED and make the URL exception... for the most part it's working with the work around, However I still have the issue with downloads.

 

Is there a fix in Firefox to eliminate HTTPS when I try to open a new site?  I've manually removed it from a couple of sites that I couldn't load earlier and it works... the site loads immediately.

 

I really appreciate the collective effort to help me resolve this.

 

Ron

[DKT27]

56 minutes ago, Loboron said:

OK... I fixed that for here, but there's other sites that I can't load unless I click ADVANCED and make the URL exception... for the most part it's working with the work around, However I still have the issue with downloads.

 

Is there a fix in Firefox to eliminate HTTPS when I try to open a new site?  I've manually removed it from a couple of sites that I couldn't load earlier and it works... the site loads immediately.

 

I really appreciate the collective effort to help me resolve this.

 

Ron

 

Is ESET doing this.

[Loboron]

I'm checking now.. I disabled HTTPS protection..

 

When I opened ESET I noticed that the HTTP Protocol was enabled but for the first time I saw that under HTTPS Scanner setup, enable HTTPS Checking was disabled....I enabled it and all appears to be working OK.

 

Just curious, why did it just affect Firefox and not Chrome?

 

Sorry for any inconvenience ...I'm still reading and learning a lot here..

Thanks to all.

Ron