X
Tryk her for at gå til webstedets mobilversion.

Supportforum

I found a fix for "Your connection is not secure"

Skrevet

Periodically when Firefox is updated, it starts rejecting Yahoo Mail from loading, giving the "Your connection is not secure" / SEC_ERROR_UNKNOWN_ISSUER error. Unfortunately, it does not give you the option to add an exception, which clears up the problem most of the time.

Today this happened again with no ability to add an exception, and after looking at various websites for hours, trying to find a fix, I stumbled on one: Having Firefox "...automatically search for and import CAs that have been added to the Windows certificate store by a user or administrator." These are root certificates which you've manually imported. If you understood that last sentence, then it means you've probably done it on your computer; I know I have. The steps to fix it are these, and I cite the original web page further below:

- Open a new window in Firefox and type "about:config" without the quotes and hit enter - Confirm that you want to continue - In the search field, type in security.enterprise_roots.enabled and hit enter - you'll be left with one field - If it's marked as "false" then double-clicking it should turn it to "true" - Close the window, then go back to your Yahoo email login and try again. For me, this worked *perfectly*!

Here's the site where I found the info, under the "Experimental Built-in Windows Support" section: https://wiki.mozilla.org/CA:AddRootToFirefox

Good luck - I hope this helps to fix your Yahoo email login problem, too!

Periodically when Firefox is updated, it starts rejecting Yahoo Mail from loading, giving the "Your connection is not secure" / SEC_ERROR_UNKNOWN_ISSUER error. Unfortunately, it does not give you the option to add an exception, which clears up the problem most of the time. Today this happened again with no ability to add an exception, and after looking at various websites for hours, trying to find a fix, I stumbled on one: Having Firefox "...automatically search for and import CAs that have been added to the Windows certificate store by a user or administrator." These are root certificates which you've manually imported. If you understood that last sentence, then it means you've probably done it on your computer; I know I have. The steps to fix it are these, and I cite the original web page further below: - Open a new window in Firefox and type "about:config" without the quotes and hit enter - Confirm that you want to continue - In the search field, type in security.enterprise_roots.enabled and hit enter - you'll be left with one field - If it's marked as "false" then double-clicking it should turn it to "true" - Close the window, then go back to your Yahoo email login and try again. For me, this worked *perfectly*! Here's the site where I found the info, under the "Experimental Built-in Windows Support" section: https://wiki.mozilla.org/CA:AddRootToFirefox Good luck - I hope this helps to fix your Yahoo email login problem, too!

Valgt løsning

I'm replying to my own thread because the original note obliterated the formatting of my list o' steps. So here they are again, hopefully in a much nicer-looking list:

  • Open a new window in Firefox and type "about:config" without the quotes and hit enter
  • Confirm that you want to continue
  • In the search field, type in security.enterprise_roots.enabled and hit enter - you'll be left with one field
  • If it's marked as "false" then double-clicking it should turn it to "true"
  • Close the window, then go back to your Yahoo email login and try again. For me, this worked *perfectly*!
Læs dette svar i sammenhæng 3

Yderligere systemdetaljer

Installerede plugins

  • Shockwave Flash 30.0 r0

Program

  • User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0

Yderligere information

Luk

Valgt løsning

I'm replying to my own thread because the original note obliterated the formatting of my list o' steps. So here they are again, hopefully in a much nicer-looking list:

  • Open a new window in Firefox and type "about:config" without the quotes and hit enter
  • Confirm that you want to continue
  • In the search field, type in security.enterprise_roots.enabled and hit enter - you'll be left with one field
  • If it's marked as "false" then double-clicking it should turn it to "true"
  • Close the window, then go back to your Yahoo email login and try again. For me, this worked *perfectly*!
I'm replying to my own thread because the original note obliterated the formatting of my list o' steps. So here they are again, hopefully in a much nicer-looking list: * Open a new window in Firefox and type "about:config" without the quotes and hit enter * Confirm that you want to continue * In the search field, type in security.enterprise_roots.enabled and hit enter - you'll be left with one field * If it's marked as "false" then double-clicking it should turn it to "true" * Close the window, then go back to your Yahoo email login and try again. For me, this worked *perfectly*!
jscher2000
  • Top 10 Contributor
8773 løsninger 71719 svar

Hi decay, I just want to add a note on why that works.

The UNKNOWN_ISSUER message most often indicates there is a "man in the middle" of the connection between Firefox and the website. That could be something innocent like your parental control or security software, or it could be malware or a distrustful government somewhere.

Usually any "man in the middle" will insert a certificate into the system certificate store so that IE, Chrome, and Safari will not notice the problem. However, the software sometimes fails to set up Firefox.

When you change the preference, you are telling Firefox to accept the signing certificates saved in the Windows/Mac certificate store as valid authorities, as a shortcut to setting them up in Firefox's own certificate store.

decay said

Periodically when Firefox is updated, it starts rejecting Yahoo Mail from loading, giving the "Your connection is not secure" / SEC_ERROR_UNKNOWN_ISSUER error. Unfortunately, it does not give you the option to add an exception, which clears up the problem most of the time.

You should never need to create an exception for a well-run commercial website, particularly one that handles sensitive data. I recommend you always investigate who is the man in the middle before you do that.

Since you changed the setting, you can see that right from the Page Info dialog. Either:

  • right-click (on Mac Ctrl+click) a blank area of the page and choose View Page Info > Security > "View Certificate"
  • (menu bar) Tools > Page Info > Security > "View Certificate"
  • click the padlock or "i" icon in the address bar, then the ">" button, then More Information, and finally the "View Certificate" button

In the dialog that opens, the interesting part is the "Issued by" section, which often will help you track down the source of the interception.

Also, for general reference, How to troubleshoot security error codes on secure websites.

Hi decay, I just want to add a note on why that works. The UNKNOWN_ISSUER message most often indicates there is a "man in the middle" of the connection between Firefox and the website. That could be something innocent like your parental control or security software, or it could be malware or a distrustful government somewhere. Usually any "man in the middle" will insert a certificate into the system certificate store so that IE, Chrome, and Safari will not notice the problem. However, the software sometimes fails to set up Firefox. When you change the preference, you are telling Firefox to accept the signing certificates saved in the Windows/Mac certificate store as valid authorities, as a shortcut to setting them up in Firefox's own certificate store. ''decay [[#question-1232718|said]]'' <blockquote> Periodically when Firefox is updated, it starts rejecting Yahoo Mail from loading, giving the "Your connection is not secure" / SEC_ERROR_UNKNOWN_ISSUER error. '''Unfortunately, it does not give you the option to add an exception, which clears up the problem most of the time.'''</blockquote> You should never need to create an exception for a well-run commercial website, particularly one that handles sensitive data. I recommend you always investigate ''who is the man in the middle'' before you do that. Since you changed the setting, you can see that right from the Page Info dialog. Either: * right-click (on Mac Ctrl+click) a blank area of the page and choose View Page Info > Security > "View Certificate" * (menu bar) Tools > Page Info > Security > "View Certificate" * click the padlock or "i" icon in the address bar, then the ">" button, then More Information, and finally the "View Certificate" button In the dialog that opens, the interesting part is the "Issued by" section, which often will help you track down the source of the interception. Also, for general reference, [[How to troubleshoot "Your connection is not secure" error codes on secure websites]].