How can I add a certificate exception for an HSTS-protected site in Firefox?
I'm extremely irritated with Firefox's constantly blocking lastpass.com . It is a well known website that stores all my passwords. I need that website to access hundreds of websites.
Side note: Please don't reply back with "you should save your passwords offline" because I decide how I want to manage my passwords. Life is extremely stressful already. Don't add to my stress by giving me crummy advice of storing my passwords offline. It's not practical. I can't carry my notebook everywhere. Services like lastpass are there for a reason.
Here is a screenshot of what I'm seeing:
If the above image is not large enough please right click on image and choose "open image in new tab".
Can someone please tell me how to bypass this problem so that I can get on with my work?
Ideally I would like to disable this cough retarded cough feature in Firefox itself. If that's not possible then I would like to somehow ignore this exception so that lastpass addon can start accessing it's parent site and I can get on with my work.
firefox security
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
asked Apr 18 '16 at 13:16
MugenMugen
3532620
|
show 2 more comments
I'm extremely irritated with Firefox's constantly blocking lastpass.com . It is a well known website that stores all my passwords. I need that website to access hundreds of websites.
Side note: Please don't reply back with "you should save your passwords offline" because I decide how I want to manage my passwords. Life is extremely stressful already. Don't add to my stress by giving me crummy advice of storing my passwords offline. It's not practical. I can't carry my notebook everywhere. Services like lastpass are there for a reason.
Here is a screenshot of what I'm seeing:
If the above image is not large enough please right click on image and choose "open image in new tab".
Can someone please tell me how to bypass this problem so that I can get on with my work?
Ideally I would like to disable this cough retarded cough feature in Firefox itself. If that's not possible then I would like to somehow ignore this exception so that lastpass addon can start accessing it's parent site and I can get on with my work.
firefox security
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
asked Apr 18 '16 at 13:16
MugenMugen
3532620
I had similar problems with other sites, which was solved by changing my internet security settings (in my case Kaspersky) - nothing to do with Firefox itself.
– AFH
Apr 18 '16 at 13:25
It works fine here, so it can't be Firefox blocking it. Try again after disabling any Firefox extensions, and also check your firewall/antivirus settings.
– DavidPostill♦
Apr 18 '16 at 13:27
Edited title to more closely reflect the question. Should be noted that it's blocking the site in the same way that you'd go "I don't know you!" if some random stranger walked up to you claiming to be your father - i.e. it's not "well-known" because it's misidentifying itself (or something on your network is changing the identification).
– Bob
Apr 18 '16 at 17:39
1
Also, before you proceed in adding an exception... make sure you know why this message is appearing. Make sure you know who actually issued the certificate you're adding an exception for (corporate proxy? your company?). Otherwise, there's a very good chance that it's a malicious MitM attacker who will get access to all your passwords because you've intentionally disabled the security mechanism protecting you from interception. (I'm assuming here that Lastpass hasn't misconfigured their intermediate certificates.)
– Bob
Apr 18 '16 at 17:42
1
@Mugen I can certainly understand the frustration, but it's best if we try to keep questions as focused on the problem as possible rather than going into less-relevant rants. That said, I haven't voted either way on this.
– Bob
Apr 19 '16 at 10:25
|
show 2 more comments
I'm extremely irritated with Firefox's constantly blocking lastpass.com . It is a well known website that stores all my passwords. I need that website to access hundreds of websites.
Side note: Please don't reply back with "you should save your passwords offline" because I decide how I want to manage my passwords. Life is extremely stressful already. Don't add to my stress by giving me crummy advice of storing my passwords offline. It's not practical. I can't carry my notebook everywhere. Services like lastpass are there for a reason.
Here is a screenshot of what I'm seeing:
If the above image is not large enough please right click on image and choose "open image in new tab".
Can someone please tell me how to bypass this problem so that I can get on with my work?
Ideally I would like to disable this cough retarded cough feature in Firefox itself. If that's not possible then I would like to somehow ignore this exception so that lastpass addon can start accessing it's parent site and I can get on with my work.
firefox security
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
asked Apr 18 '16 at 13:16
MugenMugen
3532620
I'm extremely irritated with Firefox's constantly blocking lastpass.com . It is a well known website that stores all my passwords. I need that website to access hundreds of websites.
Side note: Please don't reply back with "you should save your passwords offline" because I decide how I want to manage my passwords. Life is extremely stressful already. Don't add to my stress by giving me crummy advice of storing my passwords offline. It's not practical. I can't carry my notebook everywhere. Services like lastpass are there for a reason.
Here is a screenshot of what I'm seeing:
If the above image is not large enough please right click on image and choose "open image in new tab".
Can someone please tell me how to bypass this problem so that I can get on with my work?
Ideally I would like to disable this cough retarded cough feature in Firefox itself. If that's not possible then I would like to somehow ignore this exception so that lastpass addon can start accessing it's parent site and I can get on with my work.
firefox security
firefox security
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
asked Apr 18 '16 at 13:16
MugenMugen
3532620
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
asked Apr 18 '16 at 13:16
MugenMugen
3532620
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
edited Apr 1 '17 at 1:55
Pimp Juice IT
24.2k113974
24.2k113974
asked Apr 18 '16 at 13:16
MugenMugen
3532620
asked Apr 18 '16 at 13:16
MugenMugen
3532620
asked Apr 18 '16 at 13:16
MugenMugen
3532620
3532620
I had similar problems with other sites, which was solved by changing my internet security settings (in my case Kaspersky) - nothing to do with Firefox itself.
– AFH
Apr 18 '16 at 13:25
It works fine here, so it can't be Firefox blocking it. Try again after disabling any Firefox extensions, and also check your firewall/antivirus settings.
– DavidPostill♦
Apr 18 '16 at 13:27
Edited title to more closely reflect the question. Should be noted that it's blocking the site in the same way that you'd go "I don't know you!" if some random stranger walked up to you claiming to be your father - i.e. it's not "well-known" because it's misidentifying itself (or something on your network is changing the identification).
– Bob
Apr 18 '16 at 17:39
1
Also, before you proceed in adding an exception... make sure you know why this message is appearing. Make sure you know who actually issued the certificate you're adding an exception for (corporate proxy? your company?). Otherwise, there's a very good chance that it's a malicious MitM attacker who will get access to all your passwords because you've intentionally disabled the security mechanism protecting you from interception. (I'm assuming here that Lastpass hasn't misconfigured their intermediate certificates.)
– Bob
Apr 18 '16 at 17:42
1
@Mugen I can certainly understand the frustration, but it's best if we try to keep questions as focused on the problem as possible rather than going into less-relevant rants. That said, I haven't voted either way on this.
– Bob
Apr 19 '16 at 10:25
|
show 2 more comments
I had similar problems with other sites, which was solved by changing my internet security settings (in my case Kaspersky) - nothing to do with Firefox itself.
– AFH
Apr 18 '16 at 13:25
It works fine here, so it can't be Firefox blocking it. Try again after disabling any Firefox extensions, and also check your firewall/antivirus settings.
– DavidPostill♦
Apr 18 '16 at 13:27
Edited title to more closely reflect the question. Should be noted that it's blocking the site in the same way that you'd go "I don't know you!" if some random stranger walked up to you claiming to be your father - i.e. it's not "well-known" because it's misidentifying itself (or something on your network is changing the identification).
– Bob
Apr 18 '16 at 17:39
1
Also, before you proceed in adding an exception... make sure you know why this message is appearing. Make sure you know who actually issued the certificate you're adding an exception for (corporate proxy? your company?). Otherwise, there's a very good chance that it's a malicious MitM attacker who will get access to all your passwords because you've intentionally disabled the security mechanism protecting you from interception. (I'm assuming here that Lastpass hasn't misconfigured their intermediate certificates.)
– Bob
Apr 18 '16 at 17:42
1
@Mugen I can certainly understand the frustration, but it's best if we try to keep questions as focused on the problem as possible rather than going into less-relevant rants. That said, I haven't voted either way on this.
– Bob
Apr 19 '16 at 10:25
I had similar problems with other sites, which was solved by changing my internet security settings (in my case Kaspersky) - nothing to do with Firefox itself.
– AFH
Apr 18 '16 at 13:25
I had similar problems with other sites, which was solved by changing my internet security settings (in my case Kaspersky) - nothing to do with Firefox itself.
– AFH
Apr 18 '16 at 13:25
It works fine here, so it can't be Firefox blocking it. Try again after disabling any Firefox extensions, and also check your firewall/antivirus settings.
– DavidPostill♦
Apr 18 '16 at 13:27
It works fine here, so it can't be Firefox blocking it. Try again after disabling any Firefox extensions, and also check your firewall/antivirus settings.
– DavidPostill♦
Apr 18 '16 at 13:27
Edited title to more closely reflect the question. Should be noted that it's blocking the site in the same way that you'd go "I don't know you!" if some random stranger walked up to you claiming to be your father - i.e. it's not "well-known" because it's misidentifying itself (or something on your network is changing the identification).
– Bob
Apr 18 '16 at 17:39
Edited title to more closely reflect the question. Should be noted that it's blocking the site in the same way that you'd go "I don't know you!" if some random stranger walked up to you claiming to be your father - i.e. it's not "well-known" because it's misidentifying itself (or something on your network is changing the identification).
– Bob
Apr 18 '16 at 17:39
1
1
Also, before you proceed in adding an exception... make sure you know why this message is appearing. Make sure you know who actually issued the certificate you're adding an exception for (corporate proxy? your company?). Otherwise, there's a very good chance that it's a malicious MitM attacker who will get access to all your passwords because you've intentionally disabled the security mechanism protecting you from interception. (I'm assuming here that Lastpass hasn't misconfigured their intermediate certificates.)
– Bob
Apr 18 '16 at 17:42
Also, before you proceed in adding an exception... make sure you know why this message is appearing. Make sure you know who actually issued the certificate you're adding an exception for (corporate proxy? your company?). Otherwise, there's a very good chance that it's a malicious MitM attacker who will get access to all your passwords because you've intentionally disabled the security mechanism protecting you from interception. (I'm assuming here that Lastpass hasn't misconfigured their intermediate certificates.)
– Bob
Apr 18 '16 at 17:42
1
1
@Mugen I can certainly understand the frustration, but it's best if we try to keep questions as focused on the problem as possible rather than going into less-relevant rants. That said, I haven't voted either way on this.
– Bob
Apr 19 '16 at 10:25
@Mugen I can certainly understand the frustration, but it's best if we try to keep questions as focused on the problem as possible rather than going into less-relevant rants. That said, I haven't voted either way on this.
– Bob
Apr 19 '16 at 10:25
|
show 2 more comments
1 Answer
1
active
oldest
votes
I am going to prefix this answer by saying the following. The only reason you would be getting this error is because you’re using a proxy, which effectively means, all secure http traffic is going through the proxy itself.
Based on phyrfox's over at Information Security you can do the following.
You can disable HSTS by introducing a new configuration variable.
First, go to the Firefox configuration page (about:config),
right-click, choose "New Integer", then provide the name
"test.currentTimeOffsetSeconds" (no quotes) with a value of 11491200.
This should bypass HSTS, although you may also need to clear the Cache
and Active Logins in the Clear Recent History dialog (Ctrl-Shift-Del).
This apparently works because of a function called GetPreloadListEntry
that checks to see if the current time is less than the next list
expiration time; since the time is effectively calculated to be later
than the expiration time, no check is performed. This effectively
disables HSTS checks.
Can HSTS be disabled in Firefox?
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
I should add this likely will not fix the add-on itself but it will allow you to access any website which enforces HSTS, this also means, you won't be notified of a problem in the future. Your add-on problem requires your network be configured differently
– Ramhound
Apr 18 '16 at 17:18
1
Please take heed of Bob's comment. There is a reason you are getting this warning message. Now you are welcome to ignore it, by performing this work around, but it will apply to ALL websites. this effectively disables HSTS enforcement within Firefox
– Ramhound
Apr 18 '16 at 19:47
This is a great answer! When I tried it out I was getting a Firefox dialog popup. To anyone else who's trying out this solution, if you get a javascript popup on accessing your blocked site then it means you need to reset your Firefox config to it's default values. Just do a Firefox "refresh" aka Help> Troubleshooting > Refresh profile and then try out the solution given above. It works perfectly. You still get the warning but now you have the option of adding an exception too. @Ramhound Thanks a lot for answering!
– Mugen
Apr 19 '16 at 6:24
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1066863%2fhow-can-i-add-a-certificate-exception-for-an-hsts-protected-site-in-firefox%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I am going to prefix this answer by saying the following. The only reason you would be getting this error is because you’re using a proxy, which effectively means, all secure http traffic is going through the proxy itself.
Based on phyrfox's over at Information Security you can do the following.
You can disable HSTS by introducing a new configuration variable.
First, go to the Firefox configuration page (about:config),
right-click, choose "New Integer", then provide the name
"test.currentTimeOffsetSeconds" (no quotes) with a value of 11491200.
This should bypass HSTS, although you may also need to clear the Cache
and Active Logins in the Clear Recent History dialog (Ctrl-Shift-Del).
This apparently works because of a function called GetPreloadListEntry
that checks to see if the current time is less than the next list
expiration time; since the time is effectively calculated to be later
than the expiration time, no check is performed. This effectively
disables HSTS checks.
Can HSTS be disabled in Firefox?
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
I should add this likely will not fix the add-on itself but it will allow you to access any website which enforces HSTS, this also means, you won't be notified of a problem in the future. Your add-on problem requires your network be configured differently
– Ramhound
Apr 18 '16 at 17:18
1
Please take heed of Bob's comment. There is a reason you are getting this warning message. Now you are welcome to ignore it, by performing this work around, but it will apply to ALL websites. this effectively disables HSTS enforcement within Firefox
– Ramhound
Apr 18 '16 at 19:47
This is a great answer! When I tried it out I was getting a Firefox dialog popup. To anyone else who's trying out this solution, if you get a javascript popup on accessing your blocked site then it means you need to reset your Firefox config to it's default values. Just do a Firefox "refresh" aka Help> Troubleshooting > Refresh profile and then try out the solution given above. It works perfectly. You still get the warning but now you have the option of adding an exception too. @Ramhound Thanks a lot for answering!
– Mugen
Apr 19 '16 at 6:24
add a comment |
I am going to prefix this answer by saying the following. The only reason you would be getting this error is because you’re using a proxy, which effectively means, all secure http traffic is going through the proxy itself.
Based on phyrfox's over at Information Security you can do the following.
You can disable HSTS by introducing a new configuration variable.
First, go to the Firefox configuration page (about:config),
right-click, choose "New Integer", then provide the name
"test.currentTimeOffsetSeconds" (no quotes) with a value of 11491200.
This should bypass HSTS, although you may also need to clear the Cache
and Active Logins in the Clear Recent History dialog (Ctrl-Shift-Del).
This apparently works because of a function called GetPreloadListEntry
that checks to see if the current time is less than the next list
expiration time; since the time is effectively calculated to be later
than the expiration time, no check is performed. This effectively
disables HSTS checks.
Can HSTS be disabled in Firefox?
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
I should add this likely will not fix the add-on itself but it will allow you to access any website which enforces HSTS, this also means, you won't be notified of a problem in the future. Your add-on problem requires your network be configured differently
– Ramhound
Apr 18 '16 at 17:18
1
Please take heed of Bob's comment. There is a reason you are getting this warning message. Now you are welcome to ignore it, by performing this work around, but it will apply to ALL websites. this effectively disables HSTS enforcement within Firefox
– Ramhound
Apr 18 '16 at 19:47
This is a great answer! When I tried it out I was getting a Firefox dialog popup. To anyone else who's trying out this solution, if you get a javascript popup on accessing your blocked site then it means you need to reset your Firefox config to it's default values. Just do a Firefox "refresh" aka Help> Troubleshooting > Refresh profile and then try out the solution given above. It works perfectly. You still get the warning but now you have the option of adding an exception too. @Ramhound Thanks a lot for answering!
– Mugen
Apr 19 '16 at 6:24
add a comment |
I am going to prefix this answer by saying the following. The only reason you would be getting this error is because you’re using a proxy, which effectively means, all secure http traffic is going through the proxy itself.
Based on phyrfox's over at Information Security you can do the following.
You can disable HSTS by introducing a new configuration variable.
First, go to the Firefox configuration page (about:config),
right-click, choose "New Integer", then provide the name
"test.currentTimeOffsetSeconds" (no quotes) with a value of 11491200.
This should bypass HSTS, although you may also need to clear the Cache
and Active Logins in the Clear Recent History dialog (Ctrl-Shift-Del).
This apparently works because of a function called GetPreloadListEntry
that checks to see if the current time is less than the next list
expiration time; since the time is effectively calculated to be later
than the expiration time, no check is performed. This effectively
disables HSTS checks.
Can HSTS be disabled in Firefox?
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
I am going to prefix this answer by saying the following. The only reason you would be getting this error is because you’re using a proxy, which effectively means, all secure http traffic is going through the proxy itself.
Based on phyrfox's over at Information Security you can do the following.
You can disable HSTS by introducing a new configuration variable.
First, go to the Firefox configuration page (about:config),
right-click, choose "New Integer", then provide the name
"test.currentTimeOffsetSeconds" (no quotes) with a value of 11491200.
This should bypass HSTS, although you may also need to clear the Cache
and Active Logins in the Clear Recent History dialog (Ctrl-Shift-Del).
This apparently works because of a function called GetPreloadListEntry
that checks to see if the current time is less than the next list
expiration time; since the time is effectively calculated to be later
than the expiration time, no check is performed. This effectively
disables HSTS checks.
Can HSTS be disabled in Firefox?
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
edited Jan 21 at 1:46
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
answered Apr 18 '16 at 17:01
RamhoundRamhound
20.2k156085
20.2k156085
I should add this likely will not fix the add-on itself but it will allow you to access any website which enforces HSTS, this also means, you won't be notified of a problem in the future. Your add-on problem requires your network be configured differently
– Ramhound
Apr 18 '16 at 17:18
1
Please take heed of Bob's comment. There is a reason you are getting this warning message. Now you are welcome to ignore it, by performing this work around, but it will apply to ALL websites. this effectively disables HSTS enforcement within Firefox
– Ramhound
Apr 18 '16 at 19:47
This is a great answer! When I tried it out I was getting a Firefox dialog popup. To anyone else who's trying out this solution, if you get a javascript popup on accessing your blocked site then it means you need to reset your Firefox config to it's default values. Just do a Firefox "refresh" aka Help> Troubleshooting > Refresh profile and then try out the solution given above. It works perfectly. You still get the warning but now you have the option of adding an exception too. @Ramhound Thanks a lot for answering!
– Mugen
Apr 19 '16 at 6:24
add a comment |
I should add this likely will not fix the add-on itself but it will allow you to access any website which enforces HSTS, this also means, you won't be notified of a problem in the future. Your add-on problem requires your network be configured differently
– Ramhound
Apr 18 '16 at 17:18
1
Please take heed of Bob's comment. There is a reason you are getting this warning message. Now you are welcome to ignore it, by performing this work around, but it will apply to ALL websites. this effectively disables HSTS enforcement within Firefox
– Ramhound
Apr 18 '16 at 19:47
This is a great answer! When I tried it out I was getting a Firefox dialog popup. To anyone else who's trying out this solution, if you get a javascript popup on accessing your blocked site then it means you need to reset your Firefox config to it's default values. Just do a Firefox "refresh" aka Help> Troubleshooting > Refresh profile and then try out the solution given above. It works perfectly. You still get the warning but now you have the option of adding an exception too. @Ramhound Thanks a lot for answering!
– Mugen
Apr 19 '16 at 6:24
I should add this likely will not fix the add-on itself but it will allow you to access any website which enforces HSTS, this also means, you won't be notified of a problem in the future. Your add-on problem requires your network be configured differently
– Ramhound
Apr 18 '16 at 17:18
I should add this likely will not fix the add-on itself but it will allow you to access any website which enforces HSTS, this also means, you won't be notified of a problem in the future. Your add-on problem requires your network be configured differently
– Ramhound
Apr 18 '16 at 17:18
1
1
Please take heed of Bob's comment. There is a reason you are getting this warning message. Now you are welcome to ignore it, by performing this work around, but it will apply to ALL websites. this effectively disables HSTS enforcement within Firefox
– Ramhound
Apr 18 '16 at 19:47
Please take heed of Bob's comment. There is a reason you are getting this warning message. Now you are welcome to ignore it, by performing this work around, but it will apply to ALL websites. this effectively disables HSTS enforcement within Firefox
– Ramhound
Apr 18 '16 at 19:47
This is a great answer! When I tried it out I was getting a Firefox dialog popup. To anyone else who's trying out this solution, if you get a javascript popup on accessing your blocked site then it means you need to reset your Firefox config to it's default values. Just do a Firefox "refresh" aka Help> Troubleshooting > Refresh profile and then try out the solution given above. It works perfectly. You still get the warning but now you have the option of adding an exception too. @Ramhound Thanks a lot for answering!
– Mugen
Apr 19 '16 at 6:24
This is a great answer! When I tried it out I was getting a Firefox dialog popup. To anyone else who's trying out this solution, if you get a javascript popup on accessing your blocked site then it means you need to reset your Firefox config to it's default values. Just do a Firefox "refresh" aka Help> Troubleshooting > Refresh profile and then try out the solution given above. It works perfectly. You still get the warning but now you have the option of adding an exception too. @Ramhound Thanks a lot for answering!
– Mugen
Apr 19 '16 at 6:24
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1066863%2fhow-can-i-add-a-certificate-exception-for-an-hsts-protected-site-in-firefox%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I had similar problems with other sites, which was solved by changing my internet security settings (in my case Kaspersky) - nothing to do with Firefox itself.
– AFH
Apr 18 '16 at 13:25
It works fine here, so it can't be Firefox blocking it. Try again after disabling any Firefox extensions, and also check your firewall/antivirus settings.
– DavidPostill♦
Apr 18 '16 at 13:27
Edited title to more closely reflect the question. Should be noted that it's blocking the site in the same way that you'd go "I don't know you!" if some random stranger walked up to you claiming to be your father - i.e. it's not "well-known" because it's misidentifying itself (or something on your network is changing the identification).
– Bob
Apr 18 '16 at 17:39
1
Also, before you proceed in adding an exception... make sure you know why this message is appearing. Make sure you know who actually issued the certificate you're adding an exception for (corporate proxy? your company?). Otherwise, there's a very good chance that it's a malicious MitM attacker who will get access to all your passwords because you've intentionally disabled the security mechanism protecting you from interception. (I'm assuming here that Lastpass hasn't misconfigured their intermediate certificates.)
– Bob
Apr 18 '16 at 17:42
1
@Mugen I can certainly understand the frustration, but it's best if we try to keep questions as focused on the problem as possible rather than going into less-relevant rants. That said, I haven't voted either way on this.
– Bob
Apr 19 '16 at 10:25