Firefox, Google, SSL certificates and connections … and Kaspersky

no-kasperskyThe Set-up
A system with Microsoft Windows operating system, Firefox as browser, Kaspersky as the antivirus.

When you try to load a god-forgotten page like (or after trying to use the embedded web search box in Firefox) you end up with an error page. Unknown SSL certificate and a mysterious SEC_ERROR_UNKNOWN_ISSUER message…

My comment

It seems that Kaspersky puts its hands quite heavily on the connections made by a Windows computer (if I Google for that I got over 107-thousands results). What can you do? First carefully check all the configuration options that the Antivirus makes available. Then, if you cannot solve, please be aware that Kaspersky installs its own “master” SSL certificate, against of every other certificate will be “compared” … This file is also not read automagically by Firefox (even if installed at system level) … So you have to dig in your computer’s file system, and then manually install over Mozilla’s browser.

Only in this way – at last – those little and insignificant Google company SSL cert is being recognized and you can go on your browsing. The SSL file to load is called ‘(fake)Kaspersky Anti-Virus personal root certificate.cer’ and you have to check for it on those locations, given your Windows version:

  • Windows 2000 / XP – %AllUsersProfile%\Application Data\Kaspersky Lab\AVP60MP4\Data\Cert\
  • Windows Vista / 7 – %AllUsersProfile%\Kaspersky Lab\AVP60MP4\Data\Cert\
  • else a path like C:\ProgramData\Kaspersky Lab\AVP16.0.0\Data\Cert\

[As a more precise technical reference you can use this document or this post over  Kaspersky websites]

Alternative solution: change your antivirus … ASAP!


We need more Firefoxes.

We need more browsers that treat their users, rather than publishers, as their customers. It’s the natural cycle of concentration-disruption-renewal that has kept the Web vibrant for nearly 20 years (eons, in web-years).

We may never get another one, though.

The World Wide Web Consortium (W3C), once the force for open standards that kept browsers from locking publishers to their proprietary capabilities, has changed its mission. Since 2013, the organization has provided a forum where today’s dominant browser companies and the dominant entertainment companies can collaborate on a system to let our browsers control our behavior, rather than the other way.

Cory Doctorow, Save Firefox

15 Years of Mactracker

Mactracker 1.0 was introduced on May 14, 2001. Over the past 15 years it has grown to become an indispensable tool for enthusiasts, collectors, resellers, service providers, and IT professionals.

Yesterday Mactracker celebrated 15 years [!!!] since it was introduced on the market for Apple users. It is really an indispensable tool in my arsenal when I deal with unknowns Macs sent to me for hardware upgrade or repair, along with information on the original and maximum OS support, or identification for a correct sell (or purchase) through eBay or similar sites.

Today Mactracker database (available for free on your Mac or iOS device) counts more than 700 devices and I can’t recommend it enough if you manage multiple Mac at work or as an hobby…