Firefox "Untrusted Connection" warnings when visiting reputable HTTPS sites when using child's account

Solution 1

Since HTTPS is designed to prevent snooping, Microsoft Family Safety would be unable to monitor the encrypted traffic unless it performs what is essentially a man-in-the-middle attack. It accomplishes this by decrypting and re-encrypting communications using Microsoft's own key. Such tampering, of course, does not go unnoticed. Firefox dutifully reports the man-in-the-middle scheme as suspicious activity.

To consent to such snooping, and suppress all "Untrusted Certificate" warnings arising from this scheme, you need to instruct Firefox to trust Microsoft's SSL certificate that is used for re-encrypting. (Microsoft Internet Explorer doesn't have this "problem" because it trusts Microsoft's certificate out of the box. Google Chrome is the same, since it relies on cryptography mechanisms built into Windows. Firefox, however, uses its own cryptographic routines that consult a separate list of trusted root certificates.)

The certificate that you need to import is Microsoft's. Go to Control Panel → Network and Internet → Internet Options → Content → Certificates → Trusted Root Certification Authorities. Select the Microsoft Family Safety certificate, then click Export…. Answer No, do not export the private key. Either of the two .CER formats is fine. Save it to any convenient temporary location, such as familysafety.cer on your Desktop.

Then, you need to tell Firefox to trust the certificate that you just exported. In the Firefox menu, choose Options → Advanced → Certificates → View Certificates → Authorities → Import…. Select the familysafety.cer that you had just saved. Select Trust this CA to identify websites, then click OK, and close the Options dialog.

You should no longer get the "Untrusted Certificate" warning when visiting reputable, correctly configured websites under Family Safety.

Alternatively, you could disable Family Safety, or just the Activity Reporting feature. You can do so under Control Panel → User Accounts and Family Safety → Set up Family Safety for any user. Authenticate as an administrator if necessary, then select the child's account on which to disable the feature.

Solution 2

I also thought this was a problem with my upgrade to Windows 10 but it turned out to be Avast.

If you want to test this,

Avast: Open Avast -> Settings -> Active Protection -> Web Shield (Click Customise) -> Untick Enable HTTPS scanning.

Firefox: Open Firefox, go to say https://www.google.com and see if the page displays.

If you're happy turning off HTTPS scanning when browsing in Firefox then you don't need to do anymore.

...

However if you're concerned and want to get HTTPS scanning working again then you need to enable Firefox to trust Avast's web certificate which modifies content from https sites (such as google) as it checks for potentially harmful content in the secure stream. To achieve this follow these steps,

Windows: Open a run command -> Type mmc and click Ok -> Click File -> Add/Remove Snap-in -> Certificates -> Add -> My User Account -> Finish -> Ok

Expand Certificates - Current User -> Trusted Root Certification Authorities -> Certificates

You should see two certificates for avast!Web/Mail Shield Root, right click on the lower one and choose All Tasks -> Export

In the wizard that appears click Next -> choose DER encoded binary X.509 (.CER) and click Next -> Click Browse and save the file to your desktop using the filename avast.cer -> Click Next -> Click Finish -> You should get a message saying the export was successful

Firefox: Open Firefox -> Click the three horizontal lines and choose Options -> Advanced -> Certificates -> View Certificates -> Import -> Choose avast.cer from your desktop -> Tick the first two boxes and click OK -> OK -> Close Firefox

Avast: Open Avast -> Settings -> Active Protection -> Web Shield (Click Customise) -> Tick Enable HTTPS scanning

Firefox: Open Firefox, go to say https://www.google.com and the page should display

Solution 3

On Windows 10 I had difficulty finding the proper control panel and then the certificate manager, at all. It's been hidden away from the dumbed-down controls UI. The quickest way I found was:

1. Make a shortcut for "Run..." on the start menu: Start > All Apps > W > Windows System > Run > Pin to Start

2. Press your new Run... button and type "certlm.msc"

3. When "Certificates - Local Computer" window appears, Action > Find Certificates... > in the "Contains" box type "Family"

4. Right-click the Microsoft Family Safety certificate and choose "Export..." Now essentially follow the steps from @200_success above; Export the certificate using the defaults (no private key, DER format, save it somewhere convenient).

5. Now for each child on each computer that they use, sign in and import the certificate into Firefox. Firefox > Options > Advanced > Certificates > View Certificates > Authorities tab > Import... and choose the file you saved earlier. Surely there's a way to do this once for all firefox users on a computer?

Related videos on Youtube

03 : 21

How to Fix Secure Connection Failed Error on Mozilla Firefox Browser | 4 Simple & Working Ways

Tuto2Info Videos

2098

01 : 35

How To Fix This Connection Is Untrusted Error || Firefox

MK TECH

920

02 : 47

Fix Your Connection Is Not Secure||SSL_ERROR_BAD_CERT_DOMAIN Error In Mozilla Firefox

Teconz

258

02 : 53

4 Ways to Fix This Connection is Untrusted - Firefox

AvoidErrors

193

01 : 04

How To Fix "this connection is untrusted"

Pilesofplenty

161

03 : 13

Secure Connection Failed... Problem Solve 100%

Chanakya World

85

06 : 21

Troubleshoot Mozilla Firefox Crashes

GodlessManitoban

43

01 : 25

How to fix "This Connection is Untrusted" in Mozilla Firefox

TechProbSolution

4

Author by

200_success

Updated on September 18, 2022