X
Tap here to go to the mobile version of the site.

منتدى الدعم

Error code: sec_error_unknown_issuer

Posted

Hi, I have reviewed many similar posts but none of them works to fix my issue. Issue: "This Connection is Untrusted" with "sec_error_unknown_issuer ". But NO option of "I understand the risk". My firefox suddenly could not access websites such as YAHOO Mail, Google Mail, Facebook, Linkedin....etc while firefox is able to access other regular websites. Other broswers (IE, Chrome) do not have this issue.

Steps taken 1. Confirmed Date & time is correct. 2. "Certificate" shows these websites are in the list 3. Cleared Cache and cookies. 4. I am in company network. So I have to be either "auto-detect proxy" or "use system proxy setting". If I change to "no proxy", then Firefox could not get into any website. 5. deleted cert8.db

None of them worked to fix this issue. Please help to solve this issue. Thanks

Hi, I have reviewed many similar posts but none of them works to fix my issue. Issue: "This Connection is Untrusted" with "sec_error_unknown_issuer ". But NO option of "I understand the risk". My firefox suddenly could not access websites such as YAHOO Mail, Google Mail, Facebook, Linkedin....etc while firefox is able to access other regular websites. Other broswers (IE, Chrome) do not have this issue. Steps taken 1. Confirmed Date & time is correct. 2. "Certificate" shows these websites are in the list 3. Cleared Cache and cookies. 4. I am in company network. So I have to be either "auto-detect proxy" or "use system proxy setting". If I change to "no proxy", then Firefox could not get into any website. 5. deleted cert8.db None of them worked to fix this issue. Please help to solve this issue. Thanks

Chosen solution

IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO READ ALL OF YOUR SECURE TRANSMISSIONS BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.

Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste:

Export

  • In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. Note: In this case, try exporting the ROOT CA certificate at the top of the path.
  • Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location.

Import

  • In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.

I am attaching some screen shots for reference.

Does it work?

Read this answer in context 14

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 11.0.12
  • Vidyo Web Plugin
  • Citrix Receiver Plugin (Win32)
  • Citrix URL-Redirection Helper Plugin
  • Google Update
  • Office Authorization plug-in for NPAPI browsers
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Shockwave Flash 18.0 r0
  • 5.1.40728.0

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0

More Information

jscher2000
  • Top 10 Contributor
8773 solutions 71729 answers

The cert8.db file you mentioned is Firefox's certificate store. Internet Explorer and Chrome share the Windows system certificate store, so they can be useful for further research.

Couple questions:

(1) Do you get the problem for ALL secure sites, including, for example, this one or my test page, or is it more selective?

https://jeffersonscher.com/res/jstest.php

(2) Is your company proxy "transparent" or does it occasionally redirect to a notification screen, for example, to warn you about leaving the network? For more information on what I'm driving at, please skim through the following thread:

Yahoo mail gives untrusted connection error (web gateway displays its own page under the address of the destination site).

The cert8.db file you mentioned is Firefox's certificate store. Internet Explorer and Chrome share the Windows system certificate store, so they can be useful for further research. Couple questions: (1) Do you get the problem for ALL secure sites, including, for example, this one or my test page, or is it more selective? https://jeffersonscher.com/res/jstest.php (2) Is your company proxy "transparent" or does it occasionally redirect to a notification screen, for example, to warn you about leaving the network? For more information on what I'm driving at, please skim through the following thread: [https://support.mozilla.org/questions/1084597 Yahoo mail gives untrusted connection error] (web gateway displays its own page under the address of the destination site).

Question owner

Hey, Jscher2000. Thanks for your feedback!

(1) No. I got the message " "This Connection is Untrusted" " as well. (though your website I could see "I understand the Risks" selection. It is selective, I think. I am able to go into some bank, credit card, brokerage trading website (assuming those are secure sites, right?)

(2) No. I have not being redirected to a notification screen (I did check the description from your provided link)

My version is 41.0 It suddenly has this issue last week. I tried to revert back to older version. 39.0 is totally fine with these websites. But some functions are not working in the older version. So hopefully this 41.0 issue could get fixed......

Very appreciated your input! Thanks!

Hey, Jscher2000. Thanks for your feedback! (1) No. I got the message " "This Connection is Untrusted" " as well. (though your website I could see "I understand the Risks" selection. It is selective, I think. I am able to go into some bank, credit card, brokerage trading website (assuming those are secure sites, right?) (2) No. I have not being redirected to a notification screen (I did check the description from your provided link) My version is 41.0 It suddenly has this issue last week. I tried to revert back to older version. 39.0 is totally fine with these websites. But some functions are not working in the older version. So hopefully this 41.0 issue could get fixed...... Very appreciated your input! Thanks!
jscher2000
  • Top 10 Contributor
8773 solutions 71729 answers

On #1, the main difference is whether the site forbids HTTP access, in that case, Firefox won't allow adding an exception, either.

On my page, could you inspect the certificate? Here's how:

Expand the "I understand the risks" section and look for an Add Exception button. You don't need to complete the process of adding an exception (I suggest not adding one until we know this isn't a malware issue) but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, then View. If View is not enabled, try the Get Certificate button first. Then in the Certificate Viewer, look at the "Issued by" section. What do you find there, and/or under Certificate Hierarchy? I have attached a screen shot for comparison.

On #1, the main difference is whether the site forbids HTTP access, in that case, Firefox won't allow adding an exception, either. On my page, could you inspect the certificate? Here's how: Expand the "I understand the risks" section and look for an Add Exception button. You don't need to complete the process of adding an exception (I suggest not adding one until we know this isn't a malware issue) but you can use the dialog to view the information that makes Firefox suspicious. Click Add Exception, then View. If View is not enabled, try the Get Certificate button first. Then in the Certificate Viewer, look at the "Issued by" section. What do you find there, and/or under Certificate Hierarchy? I have attached a screen shot for comparison.

Helpful Reply

Thanks. Here you go. Hopefully this is helpful.

Thanks. Here you go. Hopefully this is helpful.
jscher2000
  • Top 10 Contributor
8773 solutions 71729 answers

I assume you see the same information if you visit the same site and check the certificate in IE or Chrome. If not, that's a red flag.

If they are all the same, does it seem normal that "Bloomberg LP" would be intercepting your internet connection? If so, you can try trusting its root certificate. Please follow the export/import procedure in the other thread I linked to earlier to add that top level ROOT CA certificate to Firefox's certificate store.

I assume you see the same information if you visit the same site and check the certificate in IE or Chrome. If not, that's a red flag. If they are all the same, does it seem normal that "Bloomberg LP" would be intercepting your internet connection? If so, you can try trusting its root certificate. Please follow the export/import procedure in the other thread I linked to earlier to add that top level ROOT CA certificate to Firefox's certificate store.

Question owner

Hi, Jscher2000

Do you mind giving me the link of the procedure please? Tried a while but could not find it. Thanks again!

Hi, Jscher2000 Do you mind giving me the link of the procedure please? Tried a while but could not find it. Thanks again!
jscher2000
  • Top 10 Contributor
8773 solutions 71729 answers

Chosen Solution

IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO READ ALL OF YOUR SECURE TRANSMISSIONS BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.

Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste:

Export

  • In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. Note: In this case, try exporting the ROOT CA certificate at the top of the path.
  • Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location.

Import

  • In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.

I am attaching some screen shots for reference.

Does it work?

'''IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO ''READ ALL OF YOUR SECURE TRANSMISSIONS'' BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.''' Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste: '''Export''' * In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. ''Note: In this case, try exporting the ROOT CA certificate at the top of the path.'' * Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location. '''Import''' * In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button * Click the Authorities mini-tab and then the "Import" button, and find the DER file. ''Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.'' I am attaching some screen shots for reference. Does it work?

Modified by jscher2000

Helpful Reply

It WORKED!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! you da man! Thanks so much for your help. Very very appreciated your help!

It WORKED!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! you da man! Thanks so much for your help. Very very appreciated your help!
lith1um 0 solutions 2 answers

I have had the same issue before, i tried every possible fix including exporting the root CA from Chrome and importing in Firefox but it didnt work.

Finally i downloaded ADWCleaner and it detected some strange entries in the registry that looked like proxy.data & proxy.xxx etc.

After running the cleanup process and rebooting the PC, the problem has been resolved!!

I have had the same issue before, i tried every possible fix including exporting the root CA from Chrome and importing in Firefox but it didnt work. Finally i downloaded ADWCleaner and it detected some strange entries in the registry that looked like proxy.data & proxy.xxx etc. After running the cleanup process and rebooting the PC, the problem has been resolved!!