Why Does Mozilla Keep Saying "This Connection Is Untrusted"?

By Chris Hoffman

Mozilla Firefox uses security certificates to verify the identity of secure websites you connect to. Secure websites have addresses that begin with “HTTPS” and use secure sockets layer, or SSL, encryption to ensure other people can’t snoop on your personal information in transit. Firefox displays the “This Connection Is Untrusted” warning page when it can’t verify the identity of the website.


The “This Connection is Untrusted” warning page appears instead of a website when Firefox notices a problem with a secure website’s SSL certificate. A problem with the website’s security certificate indicates that Firefox can’t be sure the website you’re visiting is the website it claims to be. For example, this error message appearing instead of your bank’s website may indicate someone is attempting to impersonate your bank’s website for malicious purposes. You can click the “Technical Details” option on the page to see the specific problem.

Incorrect Site

The “The certificate is only valid for [website]” message may appear in the Technical Details section, indicating that security certificate the website is using was issued for a different website. For example, a website may acquire a certificate for “Example.com” to secure its communications on Example.com. The certificate may only be used on Example.com. Sometimes, a certificate may be valid only on certain parts of a domain. For example, if you’re accessing Example.com and the certificate is only valid for www.Example.com, visit www.Example.com directly.

Self-signed Certificates

Websites usually acquire SSL certificates from companies that issue them and ensure their validity. Website administrators can also opt to use self-signed certificates. While self-signed certificates can securely encrypt your data in transmission, they don’t ensure the identity of the website you’re visiting. A self-signed certificate may claim to be from Example.com, but there’s no way to be sure of this. Self-signed certificates are often used for intranet websites on local networks.

Incorrect Dates

A website’s security certificate may not be valid until a future date or may have already expired. This error message can often occur if your computer’s clock is set to an incorrect time. Try adjusting your computer’s time by right-clicking the clock on the taskbar and selecting “Adjust Date/Time.” If setting the clock to the correct time doesn’t fix the problem, the website’s administrators may have neglected to renew their SSL certificate before it expired.

Ignore Problem

Mozilla recommends clicking the “Get Me Out of Here!” button that appears on the warning page to leave the untrusted website instead of continuing. If you expected the warning message and want to continue, you can click the “I Understand the Risks” option on the page and click the “Add Exception” button that appears. A window displaying technical information about the problem with the certificate appears. You can click “Confirm Security Exception” in the window to trust the untrusted SSL certificate.