SEC_ERROR_UNKNOWN_ISSUER
When using firefox + burp suite (with its certificate), everything is fine. But with no proxy:
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false HTTP Public Key Pinning: true
Certificate chain:
BEGIN CERTIFICATE-----
MIIC4jCCAcqgAwIBAgIRAKURFe01tmyNm0KqvjsVAYEwDQYJKoZIhvcNAQELBQAw KTELMAkGA1UEBhMCRU4xGjAYBgNVBAMMEUdlbmVyaWMgUm9vdCBDQSAzMB4XDTE3 MDkxMzE3MjAwMVoXDTE3MTIwNjE3MTAwMFowaDELMAkGA1UEBhMCVVMxEzARBgNV BAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxEzARBgNVBAoM Ckdvb2dsZSBJbmMxFzAVBgNVBAMMDnd3dy5nb29nbGUuY29tMIGfMA0GCSqGSIb3 DQEBAQUAA4GNADCBiQKBgQC0GsGqbcQdXlzFRtKp967AoBgyr8LQP3wy41Jh9GIZ uMs1wupLFrLRIm0fWhS08sE5tiADWNALs1aEftGXVltSHnZJUfPqRLIBdks2GN5n grEg7BRsK4wPvBY1RmKSEOaFNKLv6TZ+UVkV/gV+uXE6v4v+bmjQ1Pxcxggoq+Yz FwIDAQABo0owSDAZBgNVHREEEjAQgg53d3cuZ29vZ2xlLmNvbTAMBgNVHRMBAf8E AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsF AAOCAQEAstZ4mSj5X3WnPn6DzFVio3zeR8L6IDaMsl9GjW2gqz43E3HPKgVpRZNS DF4sVmk5lq2Bjdo1LK8BTHUQxgU/66KcqnZu8B6OWYe9y/wCn1JO/qEJ8U03i6OB /XSNCEOddKJEwY/tWZ6CW4yJdK2PJ7iMHiLSQ1VlqN/npasYGUmzOoigU+OMiY1x qGUJQ0U6+02rVWYLITEcq5z8IedHNHNddIWxhp+WK4pPubJFr8NOKYQhsUZtxUvT 6rLn58UFwNpD5FyK9poDsAfhmnsEh+13mwqC2F1SXLgQ6TyJ8rT8EXx3ng50Ztnn IMATFi5r5uflZm7HipeFNuYDBAD7eg==
END CERTIFICATE-----
All Replies (3)
Downloaded Chrome, the same problem. May be I did something wrong to certificates (did something like "c-a certificate reinstall", don't remember what actually it was)?
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.
https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites
https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
http://kb.mozillazine.org/Error_loading_websites
How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER"
on secure websites
https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
The issuer of the certificate is Generic Root CA 3.
I see this result in Google: How to disable HTTPS inspection in TMG 2010?
So you have some software that intercepts the connection and that sends its own certificate. Maybe check the system setting because Google Chrome is affected as well.
Subject C=US, ST=California, L=Mountain View, O=Google Inc, CN=www.google.com Issuer C=EN, CN=Generic Root CA 3 Valid From Sept. 13, 2017, 10:20 a.m. Valid To Dec. 6, 2017, 9:10 a.m.