For a long time if your ssl cert was jacked up users would be displayed a popup warning and continue what they were doing. Firefox has taken a waaaaaaaaaay more intrusive approach to this and now displays a server error like page for misconfiguration servers/certs.
I had quickmarked my AdSense account url as https://google.com/adsense and when I just went there I saw this:
Then I retried it a few seconds later and it was ok. Not sure if it was a FireFox error or something on Googles side but 1 thing is for sure that new Firefox error page is no joke and will cost people business if they see it.
Ricky Peterson (22) 
R Kumar (12) 
ZK @ Web Marketing Blog (11) 
Holly Mann (11) 
Gyutae Park (10) 
gurtey (9) 
Shanker Bakshi (9) 
Yisraeli Foods (8) 
Jacques Snyman | 3 Quotes (6) 
Stock Traders Blog (5) 
Michael Zhao (77) 
almir (76) 
fas (75) 
R Kumar (74) 
Rick Kats (68) 
Jay @ work from home (62) 
Dino (57) 
Find Affiliate Offers (54) 
Dick (624) 
Goran Website (495) 
Melvin (330) 
Ben Pei (329) 
Taris Janitens (274) 
meethere (269) 
Tushar Dhoot (265) 
Tushar (260) 
Andrew (259) 
I would leave a site in a second if i get this warning. i am a paranoid.
Same here!
Some of you guys are totally missing the point. The AdSense website is just an example. SSL certs have long since been hard to use for any website, and the point of the post is that Firefox takes a very aggressive approach to invalid SSL certs for our security.
That really sucks, I am not using adsense at all now using adbrite
Geiger: Look here: Look at the sign in the ceiling:
http://www.ameinfo.com/amefiles/brand/dxb_passport.jpg
Firefox has used the official sign for “passport checkpoint” as a icon for SSL error.
I also saw few messages like this before on my firefox.. i think google got hacked..
On almost all Google run sites I got that same message for weeks – It was a pain in the but
I agree- this is definitely no joke and can lose a lot of sites some traffic. Create a compliant site and you won’t run into this problem!
Its a shame that Google isn’t fixing the problem.
Ha wow I’m surprised they won’t redirect the users to include the www’s
But for small sites that can’t really get direct advertising sales, adsense is a great base. There’s no denying that!
yeah that’s true, I hate it too
I saw a warning like this while Stumbling using Firefox 3 as the browser. Having a compliant, CLEAN site is more important than ever.
FYI: Adsense is only on https://www.google.com/adsense without the www. you get the error .. you’d of thunk Google would 301 to the www. :confused:
Bryn did you just ask for a shirt, win, or did you purchase it?
i hate this feature, make people think ” site hacked”
Hey I’ve got a really crazy and wild idea….
After you’re done panicking…. UPDATE YOUR CERTS. Make sure your site is compliant. i.e. do some work for a change…. And you’ll be fine.
I’m not sure what all the fuss is about… anyone who uses SSL and depends on customers (ie: selling something) should have a cert that matches their domain name… that’s always been the case.
Are people really finding that the new error is turning away more people than the old popup notice?
Lucky for me I dont have any secure pages. I think the page looks far too much like an error page, most users are just going to hit the back button when they see that. But then if you are running an e-commerce site you should be keeping on top of stuff like this.
I think this is a serious sign. Interestingly, what really happens?
I know that they are not told the reason for the ban.
That would definitely turn off a lot of customers if they continuously ran into that error all the time. Just a simple www missing can cause a lot of problems.
Yeah, as a host all of our secured servers showed that to clients. It’s when the domain is mismatched to the one on the certificate. It’s a pain.
Well this is definitely good to know. BTW got my shoemoney t-shirt today, thanks!
You have to make sure to update this. Any warnings scare people away.
Even if done in .htaccess? The server would redirect any request to the SSL domain and thus serve up the SSL-linked page before the wrong one?
Hi Shoe,
Also the other thing I noticed with FF3 is that normal SSL certificates only show the URL bar as blue. It will only turn green if you get the EV SSL certificate.
I haven’t looked into the details, but it just seems like more paperwork that can easily be done. AKA more $$$ and profits
I don’t think the redirect can be executed, I think firefox will interrupt as soon as it sees that the ssl cert is not valid.
Looks like a police officer that forgot to take off his seatbelt holding a badge
Wow. Serious implications.
What the heck is that icon? Is that a crossing guard?
Very annoying, try adding the http://www...
I noticed this on my University’s webmail login. I was surprised to see such a large and prominent warning, but now it’s getting annoying.
I had problems with that too.
why would they ban you for no reason ? remember, No smoke without fire!
You’d think they could set up a better redirect to their SSL covered www domain before the warning pops up.. Or take some of the billions they have and buy another cert
What’s even more annoying about FF3 is the Phishing/Malware alert, some tool reported one of my sites as a phishing site (it’s a proxy site, yeah, lame, but it’s passive income) so everyone visiting it got the nice big red screen of terror. (That and my host sent me a nasty letter, whoever reported it must have had no idea what a proxy was, went to eBay through the proxy and figured since it hit a sign in for ebay it was phishing…dumb twit) Obviously they don’t look TOO closely at sites reported as being bad, so you could potentially be at risk for having competitors report your site with a chance it could be flagged as bad. Fortunately my report that it wasn’t a phishing/malware site was processed pretty quickly, it happened over the weekend and seems to have been taken care of this morning.
Haven’t gotten this on gmail, but the others are problematic.
adsense banned my account for no reason
they sucks.
and I though google had a problem
adsense still is a viable business for many websites.
shared certs will cause a major problem with multiple domains on them..
i have been noticing the same across many sites, specially with the new firefox version.
i’ve been seeing that for a while now, i just ignore it at this point.
Google seems to have some kind of trouble/problems because i received that error message too on Gmail and a part of my Gmail-Accounts was deactivated without any reason.
I got one last night for gmail actually.
I think it’s because you went to https://google.com and not https://www.google.com – I noticed that the other day. Their SSL certificate doesn’t appear to cover the non-www version of the site. Really they should do a redirect from one to the other – or at least you’d think they should!
Commission Junction has SSL Certificate Issues as well, I wrote about it a week or two ago but no one seems to know or care yet.
No, it’s not really a good thing. It’s overly restrictive. There are a lot of small sites out there with shared SSL, and they get hammered with this.
Yeah, I noticed this as well. My sister runs an ecom shop, and she lost business even when it was a simple popup warning. With this, I don’t think anyone at all would know to go beyond it. You wouldn’t lose some business, you’d lose all.
Shoemoney, thanks for the good word. Those are potential die hard, or learn hard pops.
Regards, Matt
I get that error pretty often when I’m accessing some ssl connections…it’s pretty hard to figure out what to do when you get it for the first time
I think it it will be a good thing..keep adapting or die…
That’s a good thing, except for the fact that I do have invalid ssl certs on my server cpanel etc, so I have to add exceptions for those.
Yep exactly what I did… I thought that google had shutdown Adsense for a second
That sucks. I hardly use adsense anymore. Direct advertising is much better imo!
I’ve gotten an SSL error page from Adsense as long as I can remember and still do. That new Firefox page design is definitely a traffic killer. The IE7 one is just as bad.