Firefox 66 to show ‘Mozilla_PKIX_ERROR_ MITM_Detected’ when AV interferes with SSL connections

Image about Firefox 66 to show ‘Mozilla_PKIX_ERROR_ MITM_Detected’ when AV interferes with SSL connections

Starting with Firefox 65, Firefox browser will show a new error “Mozilla _PKIX_MITM_Detected’ to users when antivirus or third-party software scans connections to encrypted websites and replaces site certificate with their own, error code link takes to SUMO page to tell the user what’s really happening.

Firefox’s Mozilla_PKIX_ERROR_ MITM_Detected error

We’ve been recently contacted by a reader saying he is getting ‘Your connection is not secure’ page in Firefox for every secure website with Avast installed and unable to figure out what to do. For instance, in the screenshot below Firefox says “The owner of has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website”

Clicking ‘Advanced’ shows the error code ‘MOZILLA_PKIX_ERROR_MITM_DETECTED’ and informs the user that the website uses an invalid certificate and not trustable because of the certificate is from an unknown issuer. The error conveys “The server might not be sending the appropriate intermediate certificates. An additional root certificate may be needed to be imported”.

Mozilla has readied this help page for various security error codes –SEC_ERROR_UNKNOWN_ISSUER,  the above one, and ‘ERROR_SELF_SIGNED_CERT’ — users may encounter for various websites in Firefox browser and offers instructions on how to troubleshoot them.

Firefox Mozilla _PKIX_error_mitm detected

The page says “In case you get this problem on multiple un-related HTTPS-sites, it indicates that something on your system or network is intercepting your connections and injecting certificates in a way that not trusted by Firefox. This is indicated by ‘MOZILLA_PKIX_ERROR_MITM_DETECTED'”

“If Firefox is able to detect the connection is intercepted by a proxy, the most common causes are security software scanning encrypted connections or malware listening in, replacing legitimate certificates with their own”.

Here in user case issue is caused by Avast, disable HTTPS scanning by Avast antivirus fixes the issue, here is how you can do that.

1. Open Avast interface, visit Settings >Components, click Customize for Web Shield

2. Uncheck ‘Enable HTTPS Scanning’

3. Click OK

4. Done.

If you’re using Antivirus other than Avast, you need to disable the component/module that scans HTTPS connections in the Firefox browser. When Mozilla ships Firefox 65 on January 2019, expect the users to see this error dialog more frequently due to antiviruses, you’re warned. UPDATE: The company has changed target Firefox version 66.

Related articles:

Firefox 65 to allow switch tabs with mouse wheel by scrolling [Linux only]

Mozilla makes about:performance as complete Task Manager in Firefox 65

Firefox 65 to ask for confirmation to close multiple tabs even if session restore is enabled

Firefox 65 gets WebP Image Support

Firefox 65: Content Blocking mode to come with Standard, Strict and Custom options