Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Can't add exception to a https site, with self signed certificate!

  • 19 replies
  • 17 have this problem
  • 142 views
  • Last reply by cor-el

more options

When i try to connect to a site with a self signed certificate i can't complete the connection.

When i try to connect to a site with a self signed certificate i can't complete the connection.

Chosen solution

gperes, I ran into this same issue with a Cisco device that had a self-signed cert by default.

Preferences - Advanced - Encryption - View Certificates - * Authorities *

There was an authority named "IOS-self-signed" or something like that from the Cisco device. Deleting that and then restarting Firefox solved the issue for me.

What helped me find that Authority to look for was using Safari to go to the device and view the SSL info. Hate that Firefox (21.0) blocks you completely and doesn't even let you view the cert info. PLEASE FIX Mozilla!! I should at least be able to view the cert.

Read this answer in context 👍 2

All Replies (19)

more options

There are a variety of firefox extensions to mitigate this behavior:

https://addons.mozilla.org/en-US/firefox/search/?q=certificate

more options

Still can't access the page! These addons only shows or import/export the certificates. Don't fix the problem.

more options

I am having the same problem. It says the certificate is not trusted BUT doesn't give you the choice to add an exception. But get this... I have another computer and it works just fine on that one. How the heck do you explain that one? All settings are the same. I'm so tired of you Firefox.

more options

Can you post a link to such a page?

If you have visited that domain previously then you may already have stored an exception.

You can try to rename the cert8.db file in the Firefox profile folder to cert8.db.old or delete the cert8.db file to remove intermediate certificates that Firefox has stored.

If that helped to solve the problem then you can remove the renamed cert8.db.old file.
Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previous intermediate certificates.
Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.


Also check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

more options

Still the same problem!

more options

No change, I've moved on to Chrome.

more options

I will have to change the browser and not recommend to anyone, I've posted for almost a month and till now, nobody from mozilla have at least the consideration to try to discuss the problem.

more options

I found an answer at this site http://support.mozilla.org/en-US/questions/929298

Quote: hello shrenikd & dtrager - apparently the hiding of the possibility to add exceptions in an iframe is by design in order to avoid fraudulent attempts to apply a certificate to users who think they are on a different page (see new comments on the bug).

@dtrager - in case the page you're trying to access is embedded in an iframe, right-click the error page, click on "this frame" > "show only this frame" and hopefully you can add an exception in the next step. this should only be necessary once if you choose to permanently store the exception.

more options

Still don't work, it is not in a frame, so doesn't work this workaround. I will change the browser is not possible that a question like this one is posted for this long and nobody from mozilla have at least the consideration to contact to understand the problem. I always used the firefox browser, but for the first time in my life i think to use other browser that is not firefox.

more options

Did you ever create an exception in the past for that site?

  • Tools > Options > Advanced : Encryption: Certificates - View Certificates > Servers

See also:

more options

nope. There is no exception created for this site. it was the first time that i've tried to access the site.

more options

https://icalmscontent.ultimatix.net/ I cannot add exception. I did -> I understand the technical Risk - > Add Exception -> disabled confirm security exception

Certificate status - > Valid

this site provide valid verified identification. no need to add an exception.

more options

Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

Did you try to click the View Certificate button to retrieve and inspect the certificate and check the certificate chain?

more options

I know that the intentions are good in try everything that is simple, but it is not the case, the computer is up to date, date and time are working fine and only firefox do this.

more options

Clear all you browser's cache. Mostly likely you have connected to the https site before and certificate is saved somewhere.

more options

I already have tried this, but doesn't work.

more options

Chosen Solution

gperes, I ran into this same issue with a Cisco device that had a self-signed cert by default.

Preferences - Advanced - Encryption - View Certificates - * Authorities *

There was an authority named "IOS-self-signed" or something like that from the Cisco device. Deleting that and then restarting Firefox solved the issue for me.

What helped me find that Authority to look for was using Safari to go to the device and view the SSL info. Hate that Firefox (21.0) blocks you completely and doesn't even let you view the cert info. PLEASE FIX Mozilla!! I should at least be able to view the cert.

more options

I ran into the same problem.

In my case, what I needed to do was trust the CA more. The CA that had provided the invalid cert (was expired) was not enabled for website validation.

I had to find the CA name using another browser (because FF would not let me get far enough). I openned the page in Chrome, clicked the broken lock and then "Certificate Information" to display more details about the certificate causing the problem. In this case it was Rapid SSL CA under GeoTrust Inc.

Switching back to FireFox, I went to the Authorities list...

Preferences - Advanced - Encryption - View Certificates - * Authorities *

I selected the problem CA and then clicked the "Edit Trust" button. Enable the trust settings checkboxes.

Restart FireFox and was good to go...

The next time I hit the troubled page, I could add exception for cert and from then on use it.

Modified by DanD

more options

You should never set any trust bits for intermediate certificates that are identified as "Software Security Device".
Only trusted root certificates (Builtin Object Token or possibly imported root certificates) should have trust bits set.