Using force.com vs secure.force.com extensions in Site.com URLs
|Knowledge Article Number||000230362|
Your connection is not private
Attackers might be trying to steal your information from xyz.force.com (for example, passwords, messages, or credit cards).
This Connection is Untrusted
You have asked Firefox to connect securely to xyz.force.com, but we can't confirm that your connection is secure.
The owner of ***.force.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website."
Force.com Sites uses different domains for HTTP versus HTTPS. The force.com sub-domain gets sent to Akamai and the HTTPS version goes to the secure.force.com domain instead of force.com. Attempting to use HTTPS on the force.com subdomain results in a certificate error.