
Did Not Connect: Potential Security Issue (SEC_ERROR_UNKNOWN_ISSUER)

Hi, I have a problem with the configuration of my Firefox. (I hope it is not something more serious like malware or a security break.)

Firefox version: 124.0 (64bit)

OS: Windows 10 Pro (64bit) 10.0.19045 Build 19045

Steps to reproduce

  1. I go to: https://wwws.tesoro.es/index.aspx (website of the Spanish gov)
  2. I click on the link: Cl@ve in the center of the page (that should bring me to https://pasarela.clave.gob.es/Proxy2/ServiceProvider)
  3. I receive an error page "Did Not Connect: Potential Security Issue" "SEC_ERROR_UNKNOWN_ISSUER" (see the attached screenshot)

Things I tried

  • I followed the same steps on Chrome on the same machine: the website works
  • I followed the same steps on the same Firefox in Incognito mode on the same machine: the website DOESN'T work
  • I followed the same steps on a completely new Firefox profile on the same machine: the website DOESN'T work
  • I followed the same steps on Firefox on a different machine (same Firefox version, Windows 11): the website works



All Replies (9)

It works for me.

Try changing DNS over HTTPS (DoH) to "Off" or "Max Protection" and in Connection Settings change "Use system proxy settings" to "No proxy".

Disable any third-party antivirus or security software; this may require rebooting into Windows Safe Mode (networking enabled).


Hi @zeroknight, I tried to change the settings but it didn't work. I use the default Windows antivirus. Maybe I have some problem with the certificates? It works on Chrome, so I guess it should be with the one managed directly by Firefox. Is there a way to reset all the certs in Firefox?


Who is the issuer of the certificate?

You can check details about the issuer of the certificate and the certificate chain.

  • click the "Advanced" button on the error page to show more detail
  • click the blue "View Certificate" text to inspect the certificate chain in the Certificate Viewer


If I go to Advanced -> View certificate I see the following log:

https://pasarela.clave.gob.es/Proxy2/ServiceProvider
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false
HTTP Public Key Pinning: false

Certificate chain:

-----BEGIN CERTIFICATE-----
MIII3zC....

Maybe this can be helpful to understand what is the problem?


Ok, I managed to see the certificate details now. I took 2 screenshots: the first contains the issuer section, the second contains two sections located below (I don't know what they are for, but I see that there is an exclamation point on them, so maybe there is some problem there).


When I check the cert through SSL Labs, it says that it should be accepted by Mozilla based on a complete certification path:

  1. Sent by server: *.clave.gob.es
  2. Sent by server: FNMT-RCM / AC Componentes Informáticos
  3. In trust store: FNMT-RCM / AC RAIZ FNMT-RCM (self-signed)

Your screenshot doesn't show the third cert, so something seems to be missing from your trusted root certificates -- or the intermediate certificate isn't official.

You can check whether your Firefox has the FNMT certs by going into the Settings/Preferences page, typing cert slowly into the tiny search box and then clicking the View Certificates button. On the Authorities list, can you find an FNMT section?


You can click the blue SEC_ERROR_UNKNOWN_ISSUER button in the screenshot attached to the question to expand this section and paste the base64 encoded certificate code in a reply, so we can check the issuer.


Chosen Solution

Try to rename the cert9.db file (cert9OLD.db) and remove a possible previously used cert8.db file in the Firefox profile folder with Firefox closed to remove intermediate certificates and exceptions that Firefox has cached.

If this has helped to solve the problem then you can remove the renamed cert9OLD.db file. Otherwise you can undo the rename and restore cert9.db.

You can use the button on the "Help -> More Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page (Root directory).
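
The procedure in this answer as a reversible script, added here as an example; it is not part of the original thread or Mozilla's own tooling. The function names are hypothetical, and it assumes Firefox is closed and that the profile folder path (from about:support or about:profiles) is passed in.

```python
import sys
from pathlib import Path

BACKUP_NAME = "cert9OLD.db"  # backup name used in the answer above


def reset_cert_db(profile_dir):
    """Move cert9.db aside and delete a leftover cert8.db.

    Assumption: Firefox is closed. It re-creates cert9.db on next start.
    """
    profile = Path(profile_dir)
    if not profile.is_dir():
        raise FileNotFoundError(f"not a profile folder: {profile}")
    cert9, cert8 = profile / "cert9.db", profile / "cert8.db"
    backup = profile / BACKUP_NAME
    if backup.exists():
        # An earlier backup is the only copy of the old state: never overwrite.
        raise FileExistsError(f"{backup} exists; restore or discard it first")
    actions = []
    if cert9.exists():
        cert9.rename(backup)
        actions.append("renamed cert9.db -> cert9OLD.db")
    if cert8.exists():
        cert8.unlink()
        actions.append("removed cert8.db")
    return actions


def restore_cert_db(profile_dir):
    """Undo the rename if the reset did not help."""
    profile = Path(profile_dir)
    backup = profile / BACKUP_NAME
    if not backup.exists():
        raise FileNotFoundError(f"no {BACKUP_NAME} in {profile}")
    # Firefox may have created a fresh cert9.db meanwhile; replace it.
    backup.replace(profile / "cert9.db")
    return "restored cert9.db from cert9OLD.db"


def discard_backup(profile_dir):
    """Delete cert9OLD.db once the reset is confirmed to have fixed the error."""
    (Path(profile_dir) / BACKUP_NAME).unlink()
    return "removed cert9OLD.db"


if __name__ == "__main__":
    # Usage: python script.py <profile folder> [--undo]
    undo = "--undo" in sys.argv[2:]
    print(restore_cert_db(sys.argv[1]) if undo else reset_cert_db(sys.argv[1]))
```
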


The rename/re-creation of the cert9.db file worked, thanks a lot cor-el! Thanks also to all the other people that provided possible solutions! :) I
