Starting with Firefox 65, Firefox browser will show a new error “Mozilla _PKIX_MITM_Detected’ to users when antivirus or third-party software scans connections to encrypted websites and replaces site certificate with their own, error code link takes to SUMO page to tell the user what’s really happening.
Firefox’s Mozilla_PKIX_ERROR_ MITM_Detected error
We’ve been recently contacted by a reader saying he is getting ‘Your connection is not secure’ page in Firefox for every secure website with Avast installed and unable to figure out what to do. For instance, in the screenshot below Firefox says “The owner of Youtube.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website”
Clicking ‘Advanced’ shows the error code ‘MOZILLA_PKIX_ERROR_MITM_DETECTED’ and informs the user that the website uses an invalid certificate and not trustable because of the certificate is from an unknown issuer. The error conveys “The server might not be sending the appropriate intermediate certificates. An additional root certificate may be needed to be imported”.
Mozilla has readied this help page for various security error codes –SEC_ERROR_UNKNOWN_ISSUER, the above one, and ‘ERROR_SELF_SIGNED_CERT’ — users may encounter for various websites in Firefox browser and offers instructions on how to troubleshoot them.
The page says “In case you get this problem on multiple un-related HTTPS-sites, it indicates that something on your system or network is intercepting your connections and injecting certificates in a way that not trusted by Firefox. This is indicated by ‘MOZILLA_PKIX_ERROR_MITM_DETECTED'”
“If Firefox is able to detect the connection is intercepted by a proxy, the most common causes are security software scanning encrypted connections or malware listening in, replacing legitimate certificates with their own”.
Here in user case issue is caused by Avast, disable HTTPS scanning by Avast antivirus fixes the issue, here is how you can do that.
1. Open Avast interface, visit Settings >Components, click Customize for Web Shield
2. Uncheck ‘Enable HTTPS Scanning’
3. Click OK
If you’re using Antivirus other than Avast, you need to disable the component/module that scans HTTPS connections in the Firefox browser. When Mozilla ships Firefox 65 on January 2019, expect the users to see this error dialog more frequently due to antiviruses, you’re warned. UPDATE: The company has changed target Firefox version 66.