gmail "Connection is untrusted"??

I have set gmail as my home page in Firefox. Suddenly, when trying to access gmail, I am getting a message that says this is an Untrusted Connection and suggests “it could mean someone is trying to impersonate the site, and you shouldn’t continue.” It also says in the technical details that mail.google.com uses an invalid security certificate (whatever the hell that means). So I ran CC cleaner and uninstalled, then reinstalled Firefox. Same message. I can get to gmail using Chrome, but I’d prefer using the Firefox browser. Any ideas what has caused this and how to remove the problem?

I have the same problem with an old computer that still has Windows XP, and it gives the same message for Facebook.

I can tell you what it means, but not why. There are certifying agencies that confirm that websites are who they claim to be. If you have a website that uses a secure connection, then you can get a certificate from one of these agencies, that you can show to anyone visiting your site so they can verify it. If a secure site lacks such a certificate, or if it has one but it’s out of date or otherwise invalid, then your browser will warn you, and you should be careful about giving them any sensitive information (passwords, credit card numbers, etc.).

Now, usually, when this happens, it just means that somebody at the site got sloppy, and forgot to process their certificate renewal, or the like. But I have a hard time conceiving of Google being sloppy in this way. So, maybe someone really is impersonating Google?

Same thing happens if I type in the addresses directly.

Recently there has been a lot of kerfuffle and excitement, mostly panic-driven, over bugs in the certifications, not only the Open Source OpenSSL, as in Heartbleed, and earlier Apple’s implementation in Feb, but a few weeks ago in regular SSL ( Poodle bug ) — which can be a mixture of Closed and Open Source.

So a lot of certificates were/are being revoked; and new ones purposed.

It really prolly doesn’t matter in the long run. No-one’s in danger from regular websites, whether or not a certificate is there ( remember, most certificates are self-certificated by the web owner, which is basically just taking his word for the information provided, just as domain information is just taking the owner’s word for it’s accuracy. ) Financial sites are different and have a lot more safety measures.
Hopefully.

What OS/service pack?

It’s Windows 8. Don’t know about service pack. But why do I still have the problem when using Firefox but not Google? And how do I resolve it? In fact, I’ve just discovered that when I’m using Firefox, I can’t even get to Google search, because when I try to, I get the same message. WTF?

Here’s a thread on the Mozilla (Firefox) support forums about the issue:

https://support.mozilla.org/en-US/questions/999155

Yeah, well something is seriously screwed up. I clicked on the link (I’m using Firefox now), and got the same message. I copied/pasted the link into Chrome and looked at the article, which suggested clearing the cache and cookies, which I did. No difference.

For some attack vectors, this doesn’t matter. The address you type in gets turned into an Internet Protocol (IP) address by a Domain Name Service (DNS). In a DNS spoofing attack, the service translates the name into the IP address of a malicious site.

Google has made a practice of forgetting stuff like this — as have others, particularly with domain renewals: it’s easily done. Here’s an instance from 6 years ago.
Personally, I’d just click through the warnings. Particularly with Google Search. What are the bad guys gonna do ? Show you a bunch of dodgy adverts ?

Do you have Kapersky installed? Or does that bit not apply?

nope. And I’d like to fix this, since, strangely enough, g-mail works better with Firefox than with Chrome.

Another thing check your computer time: not only the operating system time, but the one in the BIOS run by CMOS, which is separate.
If the browser notices a difference which suggests either the computer or the certificate is in the past, this can affect whether or not it accepts the certificate.
Anyway, due to the crazy expiration system for domains etc., I hate to imagine how many domains and certificates a mega-giant has to watch: perhaps they have people whose sole job it is to renew timely. Preferably monitored with computer assistance.

When you re-installed Firefox did you connect your original profile or did you start with a new profile?

When you go to gmail, or any other site that throws this error, have you been able to look at the certificate? You can click on the icon in your address bar to the left of the address. Or right-click on the page “View Page Info” and go to Security.

Does it look like the certificate is valid? Is it saying the cert belongs to google or does it say something else?

No - I didn’t use a new profile. I did look at what I think are the certificates, using page view - the connection tab tells me that the website has been verified by (amazingly) DO_NOT_TRUST_fiddlerroot. But I’m going to that website via Chrome. I can’t get there via Firefox, so I can’t see what might be different.

Your network connection has been hijacked.

https://support.mozilla.org/en-US/questions/994422

As a matter of fact, that’s what happened. I went to the control panel to look at the programs I have, and since I have very few, I was able to spot the interloper right away. Uninstalled it and, Bingo!, back in business. Grateful Doper here. xo,
C.

What was the program?

Not sure what the name was. I wish I’d made a note of it. It was Rocket something, I believe. Don’t know how it got there, but it’s gone now.