Avast causing Secure Connection Failed -should not have to turn off protection 

system · 2015-07-11T03:12:27.000Z

Using Win7 pro SP1 64bit

I have spent the better part of tonight trying to figure out why I could not log on to amazon.
I could login with IE11 but not FF 38.01 ESR
error:
Secure Connection Failed
An error occurred during a connection to www.amazon.com. security library: improperly formatted DER-encoded message. (Error code: sec_error_bad_der)

I spent most of my time on FF support sites chasing down possible solutions and trying them all. I had deactivated all Avast plug ins/extensions so I really didn’t think it was avast. Finally I- duh! I thought to disable avast and it worked!!

This may not be the final solution but I went into settings and turned off Enable HTTPS scanning. It worked but really, I pay for a pro version of avast and active scanning is something I have used for years. I am not super tech savy so I mainly use default settings.
I have made no changes to avast in all very long time other than updates.
Suddenly after updating to FF 38.01ESR I got the Secure connection error and only on Amazon! HOWEVER, I went on Amazon yesterday and made a purchase and nothing had changed between now and then. I had already updated FF days before. ??

So what else could be going on?
Also, I really don’t want to stop scanning HTTPS sites. Or do u think that is not needed? But then why have it?

Thanks in advance for any info or solutions.

Eddy · 2015-07-11T07:35:17.000Z

I just tried to open https://www.amazon.com in FF and it works without a problem.
I tested it with FF 39.0.

What are you doing with a ESR anyway ?
ESR is intended for groups who deploy and maintain the desktop environment in large organizations such as schools, governments and businesses.

rocksteady · 2015-08-07T08:44:45.000Z

After much puzzlement. I have just overcome same problem of “secure connection failed” reported trying to reach basic sites Microsoft Outlook and Google using Firefox 39 on Win10. Mozzilla recognised this due to avast and suggested fix is turn off HTTPS scanning. The fix works but why suddenly do I need to turn HTTPS scanning off in Avast to achieve that?
Ed

system · 2015-08-07T17:51:49.000Z

Same problem here but with Facebook.
other https site works fine.
Facebook works on Ie / Chrome but not on FF.

I saw a mac user having quite same problem : https://forum.avast.com/index.php?topic=174475.0

If i disable avast then i connect to FB , it’s works
if i enable avast ( without leaving FB ) , pictures & co are unavailable .

system · 2015-08-08T03:47:24.000Z

Hi
I am having the same certificate verification problem with AVAST HTTPS scanning module and the Skype website… As I can See it, Avast is using a SHA1 coding for it’s certificate and Chrome is rightly flagging this as a security risk on Secure sites. (When a site works correctly, the coding is the newer SHA256 - Why are Avast still using SHA1 on some sites???)

SHA1 is a universally recognised WEAK(COMPROMISED?) coding platform that is being phased out of existence. It surprises me that a SECURITY COMPANY would choose to use this certificate format for one of it’s most critical modules.

I am a relative newbie here on the forums, but consider myself above average on PC matters and fairly clued in on aspects of security etc.

rocksteady · 2015-08-08T08:01:09.000Z

Also see more here:
https://forum.avast.com/index.php?topic=159346.msg1146671#msg1146671

What I found strange was on my account on the PC HTTPS scan had no adverse effect, but on a second user account it caused FF not to load webpage.

system · 2015-08-09T06:15:10.000Z

Does Avast will solve the problem ??

system · 2015-08-14T12:51:40.000Z

no fix ? no answer ?? ( no , disable https scan is not a fix )
I am really disappointed …

there is many people with the problem !!!

rocksteady · 2015-08-14T17:32:59.000Z

My problem seems to have gone away, but I dont know the reason. There have be numerous Win10 updates and Firefox fox update since I reported my symptoms. I can now get through to OneDrive without hangups with HTTPS scan activated. Maybe others should give it another try as well.

Announcements