User Tools

Site Tools



I want to access a website with https, but firefox refuses.

I get these messages, Japanese locale:

安全な接続ではありません の所有者による Web サイトの設定が不適切です。
あなたの情報が盗まれることを防ぐため、この Web サイトへの接続は確立されません。

このサイトでは、暗号化された通信のみで接続するよう Firefox に指定する 
HTTP Strict Transport Security (HSTS) が使われています。

<url> uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown. 
The server might not be sending the appropriate intermediate certificates. 
An additional root certificate may need to be imported. 


On this page, no “Add Exception..” button is offered. Why is that?


HTTP Strict Transport Security (HSTS) is an opt-in security enhancement. My webserver has this in headers:

Strict-Transport-Security "max-age=31536000; includeSubDomains";

Firefox had “seen” this, and a timer started, the next 31536000 seconds only properly signed https certs will be accepted for and subdomains. I installed a KVM guest as locally, and a https cert for was created and selfsigned. Before I told firefox to only accept properly signed certs, this did not fall into that category. Several workarounds exist, some:

  • configure the timeout down in firefox
  • install the local system with a different domain, i.e. rhevm.local instead of
  • get the <url> cert properly signed by a CA which your firefox trusts
software/firefox.txt · Last modified: 2021/03/23 12:22 (external edit)