X
Tap here to go to the mobile version of the site.

منتدى الدعم

this connection is untrusted with Error code: sec_error_unknown_issuer.

Posted

Hello,

When I try to open G-Mail & twitter and some other trusted websites, I got the following warning "This Connection is Untrusted" with Error code: sec_error_unknown_issuer.

For most of the site, I can bypass by clicking « I understand the risk » but this is a bummer but for Gmail and Twitter, there is no other button than "Get me out of here"

When I go through « about:support » and « reinitialise » system, I no longer have the problem, but not only it erases all my personnal set-up but the problem always come back when I restart my system

Date and time are set right.

I have also tried to reinstall completely FIREFOX to no avail

I am using McAfee Total protection 2014 & Firefox 31.0 on Windows 7 64 bits.

I have had this problem for the last 5 days and only Firefox.

Other Browser ( IE8.0) is working fine

I have searched for solutions but they all failed -

Deleting cert8.db did not solve the problem either

How do I solve this Problem?

Thanks and Regards

Hello, When I try to open G-Mail & twitter and some other trusted websites, I got the following warning "This Connection is Untrusted" with Error code: sec_error_unknown_issuer. For most of the site, I can bypass by clicking « I understand the risk » but this is a bummer but for Gmail and Twitter, there is no other button than "Get me out of here" When I go through « about:support » and « reinitialise » system, I no longer have the problem, but not only it erases all my personnal set-up but the problem always come back when I restart my system Date and time are set right. I have also tried to reinstall completely FIREFOX to no avail I am using McAfee Total protection 2014 & Firefox 31.0 on Windows 7 64 bits. I have had this problem for the last 5 days and only Firefox. Other Browser ( IE8.0) is working fine I have searched for solutions but they all failed - Deleting cert8.db did not solve the problem either How do I solve this Problem? Thanks and Regards

Additional System Details

Installed Plug-ins

  • Next Generation Java Plug-in 10.67.2 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Adobe PDF Plug-In For Firefox and Netscape 11.0.8
  • Shockwave Flash 14.0 r0
  • Google Update
  • 5.1.30514.0
  • McAfee MSC FF plugin DLL
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • RealPlayer(tm) LiveConnect-Enabled Plug-In
  • RealPlayer Download Plugin
  • iTunes Detector Plug-in
  • GEPlugin
  • Shockwave Flash 11.8 r800
  • RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
  • RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In
  • RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
  • RealDownloader Plugin
  • Amazon MP3 Downloader Plugin 1.0.17
  • RealJukebox Netscape Plugin
  • RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
  • RealPlayer(tm) HTML5VideoShim Plug-In
  • Plugin for Wacom tablets.
  • Unity Player 3.5.2f2
  • DivX Plus Web Player version 2.2.0.52
  • Plug-in for detecting Nero Kwik Media.
  • DivX VOD Helper Plug-in
  • NVIDIA 3D Vision Streaming plugin for Mozilla browsers
  • NVIDIA 3D Vision plugin for Mozilla browsers
  • Yahoo! activeX Plug-in Bridge

Application

  • Firefox 32.0
  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:32.0) Gecko/20100101 Firefox/32.0
  • Support URL: https://support.mozilla.org/1/firefox/32.0/WINNT/fr/

Extensions

  • Troubleshooter 1.1a (troubleshooter@mozilla.org)
  • McAfee Security Scan Plus 1.0 ({e4f94d1e-2f53-401e-8885-681602c0ddd8}) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: NVIDIA GeForce GTS 450
  • adapterDescription2:
  • adapterDeviceID: 0x1245
  • adapterDeviceID2:
  • adapterDrivers: nvd3dumx,nvwgf2umx,nvwgf2umx nvd3dum,nvwgf2um,nvwgf2um
  • adapterDrivers2:
  • adapterRAM: 1023
  • adapterRAM2:
  • adapterVendorID: 0x10de
  • adapterVendorID2:
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 6.2.9200.16571
  • driverDate: 3-23-2011
  • driverDate2:
  • driverVersion: 8.17.12.6785
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d', u'AzureSkiaAccelerated': 0}
  • isGPU2Active: False
  • numAcceleratedWindows: 1
  • numTotalWindows: 1
  • webglRenderer: Google Inc. -- ANGLE (NVIDIA GeForce GTS 450 Direct3D9Ex vs_3_0 ps_3_0)
  • windowLayerManagerRemote: False
  • windowLayerManagerType: Direct3D 10

Modified Preferences

  • browser.cache.disk.capacity: 358400
  • browser.cache.disk.smart_size.first_run: False
  • browser.cache.disk.smart_size.use_old_max: False
  • browser.cache.frecency_experiment: 3
  • browser.places.smartBookmarksVersion: 7
  • browser.search.update: False
  • browser.sessionstore.upgradeBackup.latestBuildID: 20140825202822
  • browser.startup.homepage: http://www.lexisnexis.fr/liens/depeches.html#top| https://www.fdj.fr/accueil/|www.amazon.fr|www.amazon.co.uk|http://www.tv.com|https://mail.google.com/mail/u/0/?shva=1#inbox|https://twitter.com/
  • browser.startup.homepage_override.buildID: 20140825202822
  • browser.startup.homepage_override.mstone: 32.0
  • dom.mozApps.used: True
  • extensions.lastAppVersion: 32.0
  • gfx.direct3d.last_used_feature_level_idx: 0
  • network.cookie.prefsMigrated: True
  • places.history.expiration.transient_current_max_pages: 104858
  • plugin.disable_full_page_plugin_for_types: application/pdf
  • plugin.importedState: True
  • privacy.sanitize.migrateFx3Prefs: True

Misc

  • User JS: No
  • Accessibility: No
philipp
  • Top 25 Contributor
  • Moderator
5320 solutions 23501 answers

this article was intended for website owners, so it doesn't apply to your situation...

this article was intended for website owners, so it doesn't apply to your situation...

Question owner

Ok, thanks

Ok, thanks

Question owner

Back again, have reinstalled once more firefox from scratch, same problem. Not sure I understand what is ISP problem suggested by @philipp. I am really fed up now, nothing seems to work. I loved firefox but thinking of moving to another Internet browser, not sure which one though, I do not like Opera and I do not trust Google Chrome, IE is fairly basic so what do you suggest if I cannot have Firefox back and kicking? do you think Chrome is safe?

Back again, have reinstalled once more firefox from scratch, same problem. Not sure I understand what is ISP problem suggested by @philipp. I am really fed up now, nothing seems to work. I loved firefox but thinking of moving to another Internet browser, not sure which one though, I do not like Opera and I do not trust Google Chrome, IE is fairly basic so what do you suggest if I cannot have Firefox back and kicking? do you think Chrome is safe?
cor-el
  • Top 10 Contributor
  • Moderator
17567 solutions 158879 answers

Check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

Check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar. *https://support.mozilla.org/kb/Secure+Connection+Failed

Question owner

Hi Cor-el, no not the problem, as I said before, date and time are correct.

Hi Cor-el, no not the problem, as I said before, date and time are correct.
cor-el
  • Top 10 Contributor
  • Moderator
17567 solutions 158879 answers

There are two likely causes, one is a wrong date and time and the other is that Firefox gets the wrong certificate and inspecting the issuer of the certificate should confirm this.

How does the certificate chain show if you check this on the Details tab in the Certificate Manager.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

Can you post a screenshot with the content of the "Technical Details" and a screenshot of the window that opens when you click the View button and of the Details pane with the issuer selected?

There are two likely causes, one is a wrong date and time and the other is that Firefox gets the wrong certificate and inspecting the issuer of the certificate should confirm this. How does the certificate chain show if you check this on the Details tab in the Certificate Manager. You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates. *Click the link at the bottom of the error page: "I Understand the Risks" Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate". *Click the "View..." button and inspect the certificate and check who is the issuer of the certificate. You can see more Details like intermediate certificates that are used in the Details pane. Can you post a screenshot with the content of the "Technical Details" and a screenshot of the window that opens when you click the View button and of the Details pane with the issuer selected?

Modified by cor-el

cor-el
  • Top 10 Contributor
  • Moderator
17567 solutions 158879 answers

That article is about installing missing (intermediate) certificates on a web server and doesn't apply to your situation and this would only help for websites that use PositiveSSL Certificates.

If deleting the cert.db didn't help the renaming the file won't work as well as both will make Firefox create a new file. The only way to recover cleanly is to check the certificate chain to see what is wrong with it, e.g. you get a certificate issued by another website or intermediate proxy or the certificate isn't valid for other reasons.

That article is about installing missing (intermediate) certificates on a web server and doesn't apply to your situation and this would only help for websites that use PositiveSSL Certificates. If deleting the cert.db didn't help the renaming the file won't work as well as both will make Firefox create a new file. The only way to recover cleanly is to check the certificate chain to see what is wrong with it, e.g. you get a certificate issued by another website or intermediate proxy or the certificate isn't valid for other reasons.

Question owner

@cor-el Hello, Do not know how to insert a screen print in here, but as posted before it says (and it has not changed)


Nom commun (CN) VeriSign Class 3 Public Primary Certification Authority - G5 Organisation (O) VeriSign, Inc. Unité d’organisation (OU) VeriSign Trust Network

@cor-el Hello, Do not know how to insert a screen print in here, but as posted before it says (and it has not changed) Nom commun (CN) VeriSign Class 3 Public Primary Certification Authority - G5 Organisation (O) VeriSign, Inc. Unité d’organisation (OU) VeriSign Trust Network
cor-el
  • Top 10 Contributor
  • Moderator
17567 solutions 158879 answers

It should work that way, so if there are still problems like in your case then something else is wrong.

A full certificate chain starts with the certificate that a web server sends and ends with a built-in root certificate with possible one or more intermediate certificates between the certificate of the website and the root certificate.

In Firefox 32 and later some weak root certificates were disabled (removed) and can no longer be used. There are VeriSign certificates mentioned.

Quote:

As part of the ongoing security improvements, several SSL and code signing trust bits for 1024-bit root certificates have been removed from Network Security Services (NSS) used in Firefox and other products. Those include AC Raíz Certicámara, Entrust.net, GTE CyberTrust, NetLock, TDC Internet, ValiCert and VeriSign. 1024-bit root certificates will all be removed over the next few Firefox releases, because these are no longer considered as secure.
It should work that way, so if there are still problems like in your case then something else is wrong. A full certificate chain starts with the certificate that a web server sends and ends with a built-in root certificate with possible one or more intermediate certificates between the certificate of the website and the root certificate. In Firefox 32 and later some weak root certificates were disabled (removed) and can no longer be used. There are VeriSign certificates mentioned. *https://developer.mozilla.org/en-US/Firefox/Releases/32/Site_Compatibility#Security Quote: <blockquote>As part of the ongoing security improvements, several SSL and code signing trust bits for 1024-bit root certificates have been removed from Network Security Services (NSS) used in Firefox and other products. Those include AC Raíz Certicámara, Entrust.net, GTE CyberTrust, NetLock, TDC Internet, ValiCert and <u>VeriSign</u>. 1024-bit root certificates will all be removed over the next few Firefox releases, because these are no longer considered as secure.</blockquote>

Question owner

Hi Cor-el, I do not think the problem is a certificate since it does it on every single site (even Mozilla) plus for some when I add the certificate I still cannot see the site properly. My guts tell me there is a conflict between Firefox and McAfee but I might be wrong...

Hi Cor-el, I do not think the problem is a certificate since it does it on every single site (even Mozilla) plus for some when I add the certificate I still cannot see the site properly. My guts tell me there is a conflict between Firefox and McAfee but I might be wrong...