What router settings would prevent me from accessing CSS files via https?

Since the problem only occurs when connecting through the router, that router is likely messing around with your traffic. That specific error means that the site as seen by your computer is presenting an SSL/TLS certificate that fits the site, but is issued by an untrusted/unknown certification authority. In essence, it would appear that the router just made up a CA key and is signing certificates with it in an attempt to let itself decrypt your HTTPS traffic.

I couldn't find any mention of a setting for that router that enables such shenanigans (other than the website filters mentioned in hertitu's answer), but I did discover that malicious firmware versions have been made for D-Link routers. For a scary read, see Large Scale Security Analysis of Embedded Devices' Firmware (PDF). It's conceivable that your router was injected with that kind of bad firmware and is now spying on you. You could try to flash known-good firmware onto it, but the bad firmware might prevent that. If the flash fixes the HTTPS problem, change your router management password to make sure that no bad guys know it. (Access to your router is access to your traffic when firmware "upgrade" is an option.)

If the flash doesn't fix it, buy a new router. It's the only way to be sure!


It is possible that someone is running some sort of man in the middle attack. Login to the router and check to see who is connected. If you find some suspicious machine just change your wifi password and make sure you use WPA encryption


Looking at the D-Link DIR-635 User Manual (pdf), I see that it has a Website Filters feature as an option in the Access Control feature. I have no experience with this particular router (and hence with that feature) but it is possible, when these features are enabled, that the router is trying to present you with a screen saying something like "you are not allowed to access this page".