For a long time if your ssl cert was jacked up users would be displayed a popup warning and continue what they were doing. Firefox has taken a waaaaaaaaaay more intrusive approach to this and now displays a server error like page for misconfiguration servers/certs.
I had quickmarked my AdSense account url as https://google.com/adsense and when I just went there I saw this:
Then I retried it a few seconds later and it was ok. Not sure if it was a FireFox error or something on Googles side but 1 thing is for sure that new Firefox error page is no joke and will cost people business if they see it.
About the author...
Jeremy Schoemaker – who has written 2416 posts on ShoeMoney.com.
Hi I am Jeremy Schoemaker and ShoeMoney.com is my blog. 99% of the post here are done by me but you will see others occasionally make guest posts. This blog is fun to write but for my day job I run several online companies.
Images provided by ShutterStock
Where My Hatred of SEO Comes From 
The Perfect Business 
I Am A Recovering Addict of MMORPG Games 
{ 58 comments… read them below or add one }
I’ve gotten an SSL error page from Adsense as long as I can remember and still do. That new Firefox page design is definitely a traffic killer. The IE7 one is just as bad.
That sucks. I hardly use adsense anymore. Direct advertising is much better imo!
Yep exactly what I did… I thought that google had shutdown Adsense for a second
That’s a good thing, except for the fact that I do have invalid ssl certs on my server cpanel etc, so I have to add exceptions for those.
I think it it will be a good thing..keep adapting or die…
I get that error pretty often when I’m accessing some ssl connections…it’s pretty hard to figure out what to do when you get it for the first time
Shoemoney, thanks for the good word. Those are potential die hard, or learn hard pops.
Regards, Matt
Yeah, I noticed this as well. My sister runs an ecom shop, and she lost business even when it was a simple popup warning. With this, I don’t think anyone at all would know to go beyond it. You wouldn’t lose some business, you’d lose all.
No, it’s not really a good thing. It’s overly restrictive. There are a lot of small sites out there with shared SSL, and they get hammered with this.
Commission Junction has SSL Certificate Issues as well, I wrote about it a week or two ago but no one seems to know or care yet.
I think it’s because you went to https://google.com and not https://www.google.com – I noticed that the other day. Their SSL certificate doesn’t appear to cover the non-www version of the site. Really they should do a redirect from one to the other – or at least you’d think they should!
I got one last night for gmail actually.
Google seems to have some kind of trouble/problems because i received that error message too on Gmail and a part of my Gmail-Accounts was deactivated without any reason.
i’ve been seeing that for a while now, i just ignore it at this point.
i have been noticing the same across many sites, specially with the new firefox version.
shared certs will cause a major problem with multiple domains on them..
adsense still is a viable business for many websites.
and I though google had a problem
adsense banned my account for no reason
they sucks.
Haven’t gotten this on gmail, but the others are problematic.
You’d think they could set up a better redirect to their SSL covered www domain before the warning pops up.. Or take some of the billions they have and buy another cert
What’s even more annoying about FF3 is the Phishing/Malware alert, some tool reported one of my sites as a phishing site (it’s a proxy site, yeah, lame, but it’s passive income) so everyone visiting it got the nice big red screen of terror. (That and my host sent me a nasty letter, whoever reported it must have had no idea what a proxy was, went to eBay through the proxy and figured since it hit a sign in for ebay it was phishing…dumb twit) Obviously they don’t look TOO closely at sites reported as being bad, so you could potentially be at risk for having competitors report your site with a chance it could be flagged as bad. Fortunately my report that it wasn’t a phishing/malware site was processed pretty quickly, it happened over the weekend and seems to have been taken care of this morning.
why would they ban you for no reason ? remember, No smoke without fire!
I had problems with that too.
I noticed this on my University’s webmail login. I was surprised to see such a large and prominent warning, but now it’s getting annoying.
Very annoying, try adding the http://www...
What the heck is that icon? Is that a crossing guard?
Wow. Serious implications.
Looks like a police officer that forgot to take off his seatbelt holding a badge
I don’t think the redirect can be executed, I think firefox will interrupt as soon as it sees that the ssl cert is not valid.
Hi Shoe,
Also the other thing I noticed with FF3 is that normal SSL certificates only show the URL bar as blue. It will only turn green if you get the EV SSL certificate.
I haven’t looked into the details, but it just seems like more paperwork that can easily be done. AKA more $$$ and profits
Even if done in .htaccess? The server would redirect any request to the SSL domain and thus serve up the SSL-linked page before the wrong one?
You have to make sure to update this. Any warnings scare people away.
Well this is definitely good to know. BTW got my shoemoney t-shirt today, thanks!
Yeah, as a host all of our secured servers showed that to clients. It’s when the domain is mismatched to the one on the certificate. It’s a pain.
That would definitely turn off a lot of customers if they continuously ran into that error all the time. Just a simple www missing can cause a lot of problems.
I know that they are not told the reason for the ban.
I think this is a serious sign. Interestingly, what really happens?
Lucky for me I dont have any secure pages. I think the page looks far too much like an error page, most users are just going to hit the back button when they see that. But then if you are running an e-commerce site you should be keeping on top of stuff like this.
I’m not sure what all the fuss is about… anyone who uses SSL and depends on customers (ie: selling something) should have a cert that matches their domain name… that’s always been the case.
Are people really finding that the new error is turning away more people than the old popup notice?
Hey I’ve got a really crazy and wild idea….
After you’re done panicking…. UPDATE YOUR CERTS. Make sure your site is compliant. i.e. do some work for a change…. And you’ll be fine.
i hate this feature, make people think ” site hacked”
Bryn did you just ask for a shirt, win, or did you purchase it?
FYI: Adsense is only on https://www.google.com/adsense without the www. you get the error .. you’d of thunk Google would 301 to the www. :confused:
I saw a warning like this while Stumbling using Firefox 3 as the browser. Having a compliant, CLEAN site is more important than ever.
yeah that’s true, I hate it too
But for small sites that can’t really get direct advertising sales, adsense is a great base. There’s no denying that!
Ha wow I’m surprised they won’t redirect the users to include the www’s
Its a shame that Google isn’t fixing the problem.
I agree- this is definitely no joke and can lose a lot of sites some traffic. Create a compliant site and you won’t run into this problem!
On almost all Google run sites I got that same message for weeks – It was a pain in the but
I also saw few messages like this before on my firefox.. i think google got hacked..
Geiger: Look here: Look at the sign in the ceiling:
http://www.ameinfo.com/amefiles/brand/dxb_passport.jpg
Firefox has used the official sign for “passport checkpoint” as a icon for SSL error.
That really sucks, I am not using adsense at all now using adbrite
Some of you guys are totally missing the point. The AdSense website is just an example. SSL certs have long since been hard to use for any website, and the point of the post is that Firefox takes a very aggressive approach to invalid SSL certs for our security.
Same here!
I would leave a site in a second if i get this warning. i am a paranoid.
Yes, it is worth learning methods.
Thank you for this article. I’ve actually been researching different web hosts to find my new host. So far I’ve been considering using PowWeb. In general, the reviews of them seem pretty decent and their plan suits my needs. Do you think this is a good idea? — Jake