What do the security warning codes mean?
Revision Information
- Revision id: 115559
- Created:
- Creator: AliceWyman
- Comment: small edit to pending revision
- Reviewed: No
- Ready for localization: No
Revision Source
Revision Content
When Firefox connects to a secure website (i.e. the URL begins with "https://"), it must verify that the certificate presented by the website is valid and that the encryption is strong enough to adequately protect your privacy. If the certificate cannot be validated or if the encryption is not strong enough, Firefox will stop the connection to the website and instead show an error page.
On some websites there is an option to report secure connection errors to Mozilla for statistical purposes:
To troubleshoot secure connection problems with the error message Secure Connection Failed, see the Secure connection failed and Firefox did not connect article.
When Firefox connects to a secure website (i.e. the URL begins with "https://"), it must verify that the certificate presented by the website is valid and that the encryption is strong enough to adequately protect your privacy. If the certificate cannot be validated or if the encryption is not strong enough, Firefox will stop the connection to the website and instead show an error page:
- To troubleshoot secure connection problems with the error message Secure Connection Failed, see the Secure connection failed and Firefox did not connect article.
Table of Contents
- 1 What to do if you see this error?
- 2 Technical information
- 2.1 Certificate will not be valid until (date)
- 2.2 The certificate expired on (date)
- 2.3 The certificate is not trusted because no issuer chain was provided
- 2.4 The certificate is not trusted because the issuer certificate is unknown
- 2.5 The certificate is not trusted because it is self-signed
- 2.6 Certificate is only valid for (site name)
- 3 Bypassing the warning
- 4 Reporting the Error
What to do if you see this error?
If you encounter such an error message, if possible, you should contact the owners of the website and inform them of the error. It is recommended that you wait for the website to be fixed before using it. The safest thing to do is to click
, or to visit a different website. Unless you know and understand the technical reason why the website presented incorrect identification, and are willing to risk communicating over a connection that could be vulnerable to an eavesdropper, you should not proceed to the website.Technical information
Click on
for more information on why the connection is not secure. Some common errors are described below:Certificate will not be valid until (date)
(Error code: sec_error_expired_issuer_certificate)
The error text will also show the current date and time of your system. In case this is incorrect, set your system clock to today's date and time (double-click the clock icon on the Windows Taskbar) in order to fix the problem.
The certificate expired on (date)
(Error code: sec_error_expired_certificate)
This error occurs when a website's identity certification has expired.
The error text will also show the current date and time of your system. In case this is incorrect, set your system clock to today's date and time (double-click the clock icon on the Windows Taskbar) in order to fix the problem.
The certificate is not trusted because no issuer chain was provided
(Error code: sec_error_unknown_issuer)
You may have enabled SSL scanning in your security software such as ESET or BitDefender. Try to disable this option.
The certificate is not trusted because the issuer certificate is unknown
(Error code: sec_error_unknown_issuer)
The file cert8.db in your profile folder may have become corrupted. Delete this file while Firefox is closed.
Open your profile folder:
- Click the menu button , click and select .From the The Troubleshooting Information tab will open. menu, select .
- Under the Application Basics section next to Profile FolderDirectory, click . A window will open that contains your profile folder.Your profile folder will open.
Note: If you are unable to open or use Firefox, follow the instructions in Finding your profile without opening Firefox.- Click the Firefox menu and select .Click the Firefox menu at the top of the screen and select .Click the Firefox menu and select .
- Click on the file named cert8.db.
- Press command+Delete.
- Restart Firefox.cert8.db will be recreated when you restart Firefox. This is normal.
The certificate is not trusted because it is self-signed
(Error code: sec_error_untrusted_issuer)
Self-signed certificates make your data safe from eavesdroppers, but say nothing about who the recipient of the data is. This is common for intranet websites that aren't available publicly.
Certificate is only valid for (site name)
(Error code: ssl_error_bad_cert_domain)
This error is telling you that the identification sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers, the recipient may not be who you think it is.
A common situation is when the certificate is actually for a different part of the same site. For example, you may have visited https://example.com, but the certificate is for https://www.example.com. In this case, if you access https://www.example.com directly, you should not receive the warning.
Bypassing the warning
You should only bypass the warning if you're confident in both the identity of the website and the integrity of your connection - even if you trust the site, someone could be tampering with your connection. Data you enter into a site over over a weakly encrypted connection can be vulnerable to eavesdroppers as well.
In order to bypass the warning page, click
:- On sites with a weak encryption you will then be shown an option to load the site using outdated security.
- On sites which certificate cannot be validated, you might be given the option to add an exception.
Reporting the Error
On some websites there is an option to report the error to Mozilla for statistical purposes: