hello Jancarius,

follow the steps:

1.) Correct the Date and Time on your Android Device and Computer

2.) Clear Browsing Data on browser.

3.) Check and Change WiFi Connection.

4.) Temporarily Disable Antivirus.

5.) Reset your Android Device and Computer.

6.) Goto Safe mode: ctrl+Shift+P

I hope resolved your problem then reply back to me.

Thank you!

Unfortunately it did not. I'm not having an issue with my android device, only a Win10 laptop.

hello again,

i know , Jancarius,

no problem,

follow the steps :

1.) Correct the Date and Time on your Computer

2.) Clear cookies and cache .

3.) Check and Change WiFi Connection.

4.) Temporarily Disable Antivirus. [this is compulsory ]

5.) Reset your Computer.

6.) Goto Safe mode: ctrl+Shift+P

I hope to resolve your problem then reply back to me.

Thank you!

Using MalwareBytes, disabled all protections, then proceeded with steps. Issue remains.

Clarification request: Did you mean safe mode in the browser with Ctrl+Shift+P, or safe mode of the computer during boot

Hi Jancarius, do you generally use Firefox's built-in certificate store on your browsers, or the system certificate store? You can check that in a somewhat obscure way:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

(2) In the search box in the page, type or paste enterp and pause while the list is filtered

If the security.enterprise_roots.enabled preference has:

• false => Firefox is using cert9.db in your profile as its certificate store for verification
• true => Firefox is using the system certificate store for verification

Jscher: Looks like it's set to false. I'm guessing if I change it to true, it will use my windows store, which I assume will be updated by Microsoft normally. Is there a way to force the update of the firefox db specifically?

You can check if more detail is available about the issuer of the certificate.

• click the "Advanced" button show more detail
• click the blue error text (SEC_ERROR_UNKNOWN_ISSUER) to show the certificate chain
• click "Copy text to clipboard" and paste the base64 certificate chain text in a reply

If clicking the blue error text doesn't provide the certificate chain then try these steps to inspect the certificate.

• open the Servers tab in the Certificate Manager
• Options/Preferences -> Privacy & Security
  Certificates: View Certificates -> Servers: "Add Exception"
• paste the URL of the website (https://xxx.xxx) in it's Location field

Let Firefox retrieve the certificate -> "Get Certificate"

• click the "View" button and inspect the certificate

You can find detail like the issuer of the certificate and intermediate certificates in the Details tab.

Cor-el: Yes I'm familiar with how the cert chains work. I'm confident the chains in question are valid; even other browsers on the same computer show the same cert without the invalid ssl error.

One possible explanation is the server not sending an intermediate certificate necessary to validate the site's own certificate up to a trusted root. But this is not so common that it would affect a lot of sites at once.

You could try removing Firefox's current certificate store file and let Firefox start a new one. The "Corrupted certificate store" section of the following article has the steps: What do the security warning codes mean?

Thank you jscher2000, that was the working solution. After removing cert9 the errors seem to have vanished.