This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Support
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

"Not Secure" in URL box

weblawman
Making moves

‎04-02-2025 10:58 AM

Recently I have been receiving a "Not Secure" message when I try to enter a URL with a "https://" prefix. Sometimes it resolves and goes to the requested address and sometimes it doesn't. This is especially irritating since (1) I have never gotten such notifications in the past and (2) when I try to go directly to my router and use the numeric URL, e.g. 111,222,333,444, it never resolves. I feel this has something to do with the certificates used to verify that I am actually who I say I am, but I have not knowingly done anything recently that would scramble my certificates. What is going wrong? How do I debug such a problem?

0 Kudos
8 REPLIES 8

simon
Employee
Employee

‎04-07-2025 01:17 AM

Hi weblawman!

This might just be a recent update to Firefox UI. Your connection has probably been insecure all along (which is usually acceptable as long as you're only connecting to your local router) but Firefox has made some updates to the URL bar UI to make it more obvious when a connection is insecure.

However, a few things sound strange.

  1. Entering the IP doesn't work. The numbers in the IP need to be separated by dots not commas. I'm not sure if that's a typo. Commas will indeed not work but entering the IP directly should definitely work.
  2. You're saying that it sometimes resolves and sometimes it doesn't. I can't think of a reason why this might be happening. HTTPS or HTTP, either way, you should be able to connect.
  3. You're mentioning certificates but no details. Did you get any warnings about certificates?

If you want to debug further opening a browser console Menu: Tools > Browser Tools > Web Developer Tools and going to the Console tab may show useful information like

HTTPS-First Mode: Upgrading insecure request “https://.....” failed. Downgrading to “http” again.

You might also want to take a loot at the network tab to see if any redirects are happening. If you can provide more other information I'm happy to take a look!

And you might want to do some experiments with a fresh profile. You can find instructions on how to do that here: https://support.mozilla.org/en-US/kb/profile-manager-create-remove-switch-firefox-profiles?redirects...

Kind regards, Simon

0 Kudos

zebedee
Making moves

‎04-07-2025 05:01 AM - edited ‎04-07-2025 05:12 AM

Same problem here after upgrading to Firefox 137.0. on Window11, 
Processor AMD Ryzen Threadripper 3960X 24-Core Processor 3.80 GHz
Installed RAM 32.0 GB (31.9 GB usable)
System type 64-bit operating system, x64-based processor
Pen and touch No pen or touch input is available for this display

Error "Error code: SEC_ERROR_BAD_SIGNATURE" from multiple sites, such as:

https://forums.raspberrypi.com/

https://www.cambridgeshire.gov.uk/

even https://auth.mozilla.auth0.com/

Sites works okay in another browser.

0 Kudos

simon
Employee
Employee
In response to zebedee

‎04-07-2025 05:08 AM

Hi @zebedee !

Both of these work fine for me in Firefox 137.0. Are you getting these errors on a company or university network which might be intercepting your connections? In any case, it seems unrelated to the problem described by @weblawman above. It's probably better to start a new topic.

0 Kudos

zebedee
Making moves

‎04-07-2025 05:54 AM

No, home system. These and many other tabs. Firefox currently unusable.

0 Kudos

simon
Employee
Employee
In response to zebedee

‎04-07-2025 06:20 AM

That very much sounds like something is broken on your machine. Can you try from a different computer? And from a different Firefox profile on the same computer? (See above for instructions.)

0 Kudos

zebedee
Making moves
In response to simon

‎04-07-2025 07:46 AM

"Clear startup cache" and restart Firefox has cured the problem.

weblawman
Making moves

‎04-07-2025 06:52 AM

weblawman here again (new to discussions, not sure how to reply to my own posting):

I tried to access my local router on the local ethernet by invoking Firefox, opening Settings>Security & Privacy, and clicking on the "Saved Logins" button. My link was displayed as "http://xxx.xxx.xxx.xxx" with the correct login and password. Clicked on the link, received an error message, and clicked on "Advanced" button for more information. Here is what it displayed:

xxx.xxx.xxx.xxx uses an invalid security certificate. The certificate is not trusted because it is self-signed. Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

View Certificate

I have not knowingly changed my certificate before receiving this error about two weeks ago. Since I don't really understand certificates in the first place, I am not sure how Firefox handles them either or where they are stored in the system file structure. Something has changed in how Firefox handles local certificates.

0 Kudos

simon
Employee
Employee

‎04-07-2025 07:21 AM

Yeah, this is very likely a certificate that gets auto-generated by the router. That's also why it is self-signed. It's never seen any certificate authority on the internet and that is why you are getting a warning when connecting.

The reason you are now getting a certificate error may be that we have extended HTTPS-upgrades: https://support.mozilla.org/en-US/kb/https-first. So if you enter an address like "example.com" now, we will try to use "https://example.com" first. If you enter "http://example.com" you will still get an HTTP connection, though.

After accepting the warning about the certificate being self-signed, you should see a lock with a little warning sign next to it but no "Not Secure" text anymore.

simon_0-1744035623495.png

 

0 Kudos
Copyright © 2025 Khoros, LLC
Top

Type a product name