Search Support

Beware of phishing attacks: Mozilla will never ask you to call a number or visit a non-Mozilla website. Please ignore such requests.

Learn More

The certificate is not trusted because no issuer chain was provided

  • 26 απαντήσεις
  • 160 έχουν αυτό το πρόβλημα
  • 37649 προβολές
  • Τελευταία απάντηση από jscher2000

more options

I have a problem accessing an https website with Firefox (26.0), but have no problems accessing it with either Chrome or IE. The particular URL deep links into a message forum.

https://www.lotro.com/forums/showthread.php?535472-Update-12-1-Scaling-Instance-Loot

I get the following error message:

This connection is untrusted You have asked Firefox to connect securely to www.lotro.com, but we can't confirm that your connection is secure. www.lotro.com uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)

Adding an exception works, but only for this one message thread. The next time I have a different thread we go through the same routine.

OK, I've read the forums a bit: Disabled all Add-ons I'm not running any SSL scanning. Both browser.xul.error_pages.enabled and browser.xul.error_pages.expert_bad_cert are set to True. Certificate dates are fine as is my clock/date. I've deleted cert8.db

When it does load rather than getting a lock I get an exclamation point and a mouseover says Website does not supply identify information.

When I tell Firefox to get the certificate I get:

Certificate Status: This site attempts to identify itself with invalid information. Unknown Identity Certificate is not trusted, because it hasn't been verified by a recognized authority using a secure signature.

When I view the certificate I find: Issued To Common Name (CN) *.lotro.com Organization (O) The Saul Zaentz Company Organizational Unit (OU) Secure LInk SSL Wirecard Issued By CN Network Solutions Certificate Authority O Network Solutions L.L.C. OU <Not Part of Certificate> Validity Issued on 1/3/2012 Expires on 1/17/2016

Under Details > Extensions I find Certificate Basic Constraints: Critical, Is not a Certificate Authority.

The security trust chain looks like this:

USERTrust

UTN-USER-First-Hardware Network Solutions Certificate Authority *.lotro.com

All Replies (6)

more options

Hi Paul5358, I've been assuming the "Software Security Device" certificates are accumulated as Firefox encounters and validates them. If that's true, your lack of such items probably is due to deleting your old certificate file (cert8.db). But I may be wrong about the source of those.

more options

Yes, certificates that show as "Software Security Device" are intermediate certificates that Firefox automatically stores for future use when you visit a website the send such a certificate.

If a server doesn't send a full certificate chain then you won't get an error when Firefox has stored missing intermediate certificates from visiting a server in the past that has send it, but you do get an error if this intermediate certificate isn't stored.

more options

I had this same error. Started up for no reason at all, that I could figure. Then, I noticed I had Fiddler running in the background.

Closing it made the problem go away-- Fiddler had done something strange. When I went to add an exception to a site and looked at the Certificate Status I saw a bunch of entries in the Common Name and Organization info stating "DO_NOT_TRUST" and "DO_NOT_TRUST_FiddlerRoot"

more options

Hi larryq, do you recall installing Fiddler? If not, some other software with bad intentions may have installed it. In addition to deleting those exceptions, you may want to run some supplemental malware scans. This article lists tools other Firefox users have found helpful: Troubleshoot Firefox issues caused by malware.

more options

Yes, I specifically installed it to debug web sessions; capture HTTP response codes, etc.

As soon as I closed Fiddler my problems with FF and https certificates went away.

more options

Hi larryq, it's nice when there is an innocent explanation.

If you still want to track HTTP traffic, you can turn off HTTPS decoding to avoid certificate issues. This article shows where that setting is in Fiddler's options: http://fiddler2.com/documentation/Con.../DecryptHTTPS.

  1. 1
  2. 2