"Unsecure Connection" to chart.apis.google.com (ssl_error_bad_cert_domain)
when I try to connect to http://chart.apis.google.com, Firefox first switches to HTTPS, and then complains of an Untrusted Connection due to "ssl_error_bad_cert_domain". The certificate is stated to cover *.google.com, and I do not have certificate problems at https://apis.google.com.
I do NOT have HTTPS everywhere installed, and the same issue occurs in safe mode.
I notice this problem due to missing images on some websites that use chart.apis.google.com. The images were missing in Version 16, but I only did this testing today on 17.0
All Replies (6)
Clear the cache and the cookies from sites that cause problems.
"Clear the Cache":
- Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
"Remove Cookies" from sites causing problems:
- Tools > Options > Privacy > Cookies: "Show Cookies"
There may also be a Google setting to prefer a secure connection
Try to set the Boolean pref browser.urlbar.autoFill to false on the about:config page to disable the auto-fill feature on the location bar and prevent Firefox from using the https protocol.
See "Prevent Firefox from automatically completing URLs":
You can set the browser.urlbar.trimURLs pref to false on the about:config page to see the http: protocol on the location bar and in the pop-up if you hover a link.
Clearing Cache & cookies had the same result. (I only cleared cookies from the source site, skritter.com, since chart.apis.google.com had no cookies).
I tried the same URL from Internet Explorer 9 while logged into Google.
http://charts.api.google.com eventually redirects to https://developers.google.com/chart/ without certificate questions. (However if I type https://charts.api.google.com into IE, it does give a certificate error).
As a follow-up, I also tried this in a clean profile while in safe-mode with the same result, so the HTTPS switching very much feels like a "normal" Firefox behaviour.
So it seems that Firefox is redirecting me to https, and I cannot determine why. This is further confirmed by using the following full-chart URL in IE & Firefox:
in IE, it remains as http protocol, but in Firefox it is changed to https.
Modified
Does that also happen if you temporarily switch to Private Browsing mode to disable the disk cache and possible cookies?
- Tools > Options > Privacy, choose the setting Firefox will: Use custom settings for history
- [X] "Always use private browsing mode"
I set "Always Use private browsing mode" in a clean profile with the same result. I also did a packet-sniff for the private browsing session as well as with my normal profile, and there is no HTTP query. Immediately after the DNS query is an HTTPS packet to the destination. No HTTP packet seems to be sent.
(Testing in my normal profile was NOT in private mode)
Modified
I have the same issue, it started happening after the FF17 update yesterday.
FF now redirects all HTTP Google Chart API images to HTTPS for some reason, and that is horribly broken due to the certificate issue that was brought up above.
Thus a page like this no longer display the QR code: http://www.androidpolice.com/2012/10/12/new-app-chainfires-perfmon-is-a-floating-performance-monitor-with-a-unique-cpu-metric.
http://chart.apis.google.com/chart?cht=qr&chs=108x108&chld=L|0&chl=http%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Deu.chainfire.perfmon <- shows certificate warnings after the HTTPS redirect.
OK, this bug is being tracked at https://bugzilla.mozilla.org/show_bug.cgi?id=786417 and https://bugzilla.mozilla.org/show_bug.cgi?id=791568