Your connection is not secure <Help>
I've exported and imported all my intermediate certificates from google chrome. I'm able to access google.com but unable to access various others like amazon, gitlab, github and so on.
By visiting amazon I clicked on the SEC_ERROR_UNKNOWN_ISSUER and the follwoing output was captured...
https://www.amazon.com/ Peer’s Certificate issuer is not recognized. HTTP Strict Transport Security: true HTTP Public Key Pinning: false Certificate chain: -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgIQSGpypcLH35aV+q3g6pUW1DANBgkqhkiG9w0BAQsFADBr MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ08xEjAQBgNVBAcTCUxhZmF5ZXR0ZTEX MBUGA1UEChMOQmFsbCBBZXJvc3BhY2UxIjAgBgNVBAMUGWFlcm9fZGVjeXB0QGFl cm8uYmFsbC5jb20wHhcNMTgwNTA0MDAwMDAwWhcNMTkwNTA1MTIwMDAwWjBoMQsw CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRs ZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEXMBUGA1UEAxMOd3d3LmFtYXpv bi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGvhDdYRlqbpsg IND1lCJUqxo9IJYAdCKN4PuS6f1HePg5figCWjoLE8NAsMNEKIs9+EHWZZiyCR+A HT5jUOe7kyZFv+CqYzmor9RfZYN+ORdpVn83+cqDH9L63nTMojk7YmlAKoZwk352 bFMyXrb0s5MmzMvZN7TdR/cp6CARN1XS1/XB0ase6cGAleMHrKyC1I96hL+jK7sw Suvm5yIp52dVaPnzYnRdGiVPA50UrabXZkVp8hkMebUG7qFauPVtXrD058SHP8Xv RfnwjQOAV6VgfXl4oGgPs6ovnjxrbER6ByVFbhIYPzn+2Pc25w66M/mS//Iw+6I9 GPd++dlpAgMBAAGjggFuMIIBajAdBgNVHQ4EFgQUmLGgnZqEj8YaplF5mz8srfbN x24wggENBgNVHREEggEEMIIBAIISaHVkZGxlcy5hbWF6b24uY29tgiFidWNrZXll LXJldGFpbC13ZWJzaXRlLmFtYXpvbi5jb22CFW9yaWdpbi13d3cuYW1hem9uLmNv bYINeXAuYW1hem9uLmNvbYIMd3d3LmFtem4uY29tgg53d3cuYW1hem9uLmNvbYIN dXMuYW1hem9uLmNvbYIRdWVkYXRhLmFtYXpvbi5jb22CEWlwaG9uZS5hbWF6b24u Y29tgg9ob21lLmFtYXpvbi5jb22CFGNvcnBvcmF0ZS5hbWF6b24uY29tghFidXli b3guYW1hem9uLmNvbYIIYW16bi5jb22CCmFtYXpvbi5jb20wDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAJBgNVHRMEAjAAMA0G CSqGSIb3DQEBCwUAA4IBAQB/ccZl6gi9uNit7JrV41WkIDWuDkWWho4/s2Li03V5 PRlrYo34aPK2bSGfB9aTpiQr0CSW99ofTQaTIPylj5Dt4a9u3x1dFRw1FgYUKJMx +lWhQUpC1lKucxG8bxmQzNQWSLSsnhe48e+6kUKAGdf1JRX1EpokCGnUmr4q1QLN 3BcsK1mlb4NLOj1tjpnx3QaPG6g9MF9JllsM7Gurkh1FqsmY0SG3JKPNPhIRFG9h CLnLL49rWFSj+KiqxTXihQIqHKlrslhSu0FlXo7Bfe3I8NrJRpO/CpVp6NB4khwc xLJNrRUwBHLkKghH2XIpPvEQqh7v+ofyd+ufOm/YJTi4 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIHGjCCBQKgAwIBAgIKektFUAABAAMQHDANBgkqhkiG9w0BAQsFADBcMRMwEQYK CZImiZPyLGQBGRYDY29tMRQwEgYKCZImiZPyLGQBGRYEQkFMTDEUMBIGCgmSJomT 8ixkARkWBEFFUk8xGTAXBgNVBAMTEEFFUk9JU1NVRUNBMDItQ0EwHhcNMTcwNjA4 MTc1MDIxWhcNMjAwNjA4MTgwMDIxWjBrMQswCQYDVQQGEwJVUzELMAkGA1UECBMC Q08xEjAQBgNVBAcTCUxhZmF5ZXR0ZTEXMBUGA1UEChMOQmFsbCBBZXJvc3BhY2Ux IjAgBgNVBAMUGWFlcm9fZGVjeXB0QGFlcm8uYmFsbC5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQC63HM9qy8clytJ5pEkRi4K7+G++Pw97izn/6cG Q8wk3O7PhQ+KhFIcc18ejh8y8USqiOdqKcMjc/hhGdPG5pC5z8Q5v/BTA8DOLir2 aJvCRTnzljGXVTQ6IVGUYVHXhxgFyvGsVu+rMaGwHmT3vSeYkOJ+uXuCgLq2NEMZ 2bwo3ywXULzpwvjoo32h/FXbkFwuSvw4UXSYrAG8rElGrNbIIF3DiBMOFt1ikHUB Hy25yTJRpn5gw8ic5RRGEgG7gD4st6Azi9NRa1RoJieKV2+LOQcU+IVeTHGqi4uy J7fQtGyR0ChVKBYq0D1LdX8pmYFqVaDFIdfVtto8hbtG/XsnAgMBAAGjggLNMIIC yTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTCCATUGCCsGAQUFBwEBBIIBJzCC ASMwgbIGCCsGAQUFBzAChoGlbGRhcDovLy9DTj1BRVJPSVNTVUVDQTAyLUNBLENO PUFJQSxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1D b25maWd1cmF0aW9uLERDPURTLERDPUJBTEwsREM9Y29tP2NBQ2VydGlmaWNhdGU/ YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MEAGCCsGAQUF BzAChjRodHRwOi8vcGtpLmFlcm8uYmFsbC5jb20vcGtpL0FFUk9JU1NVRUNBMDIt Q0EoMSkuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5hZXJvLmJhbGwuY29t L29jc3AwHQYDVR0OBBYEFI8ezFtGTX23pBJGUbttQ8wJWlzVMAsGA1UdDwQEAwIB hjAPBgNVHRMBAf8EBTADAQH/MIIBEwYDVR0fBIIBCjCCAQYwggECoIH/oIH8hoHD bGRhcDovLy9DTj1BRVJPSVNTVUVDQTAyLUNBKDEpLENOPUFFUk9JU1NVRUNBMDIs Q049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO PUNvbmZpZ3VyYXRpb24sREM9RFMsREM9QkFMTCxEQz1jb20/Y2VydGlmaWNhdGVS ZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBv aW50hjRodHRwOi8vcGtpLmFlcm8uYmFsbC5jb20vcGtpL0FFUk9JU1NVRUNBMDIt Q0EoMSkuY3JsMB8GA1UdIwQYMBaAFHGsBckmWmZKpJitbEMALgn331x1MA0GCSqG SIb3DQEBCwUAA4ICAQANJitHJ45+sEb2ePS3vPUWHFhjZn4m1pRMxd3AO//Eo+Yy Y19rKYz2nFAPaccrmNu4oesyi1dQ4K7SAgDi4XGbZxFKAyRcBwjE+mGJQ9ET/JuH YXCVTwGR/vjrvWToZpPLgK4FPskuOa/XSgvgsYVJMNcQeFjJYRd4C9wpmlq5NP3T YnRT/+P2j0CGJFPZxhQz+vcs1swrHkW62J7/uYOqtWNHPLXTWwbT7L7W1mUfNAJ6 qBvsj0W9MWaAQad1kiOWLlxpJ1eeZ9udvvIEEZPCgU0RgocZB6PEN7YL7V22dKLx GeogSB6b55rZNg+33TZ9DtBmy7aswJfacSOqPOVeRQmW/cZguUxbnr1YijzJsHDi pxlnRA1YoUXxeulPOZ6le3WRIk9/IBnZ+pP2pfiuzOGCriqQ+YFcxO5Vt6FRd8tu Zr4le1Hn2k6Hh+sBlx58QV4uH4czaDLHEt2wb+zUPMpNsHYLZicOEySq//hb/GYJ O+QFTawiuzS0vGGm+nr9UHg9ozz2IAsfiE+MuMsIXJMjdVuxDg50Ybl7LMmsloX8 m/HPqS4K2wiaFB7oE3OPF4LvMJfnkM5HZG7QTIEcvY+uTZPWgffptJr9KyFfpo2C GFEeGKObHJ5G3vFRZYivR+BkFOfZGVX5iWJpUHwJTfKozdETiNUbD8JnnYWHQw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIHsDCCBZigAwIBAgIKYTEWtgABAAAACTANBgkqhkiG9w0BAQsFADAVMRMwEQYD VQQDEwpBZXJvUm9vdENBMB4XDTE3MDUxMDIxMDMzM1oXDTI3MDUwMTIwNDA0M1ow XDETMBEGCgmSJomT8ixkARkWA2NvbTEUMBIGCgmSJomT8ixkARkWBEJBTEwxFDAS BgoJkiaJk/IsZAEZFgRBRVJPMRkwFwYDVQQDExBBRVJPSVNTVUVDQTAyLUNBMIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxJIAfif6Ck9b0ke0EvhK8JsY 4DWgBIbp3g0zK4OV8ZSpvX5Hhk9FvoRYBoLGj20fWUlBM2h9rHufZhGuncWqbXRH 4WLZiASh4fW6WElL1VAqxkW6dym+MbrueQqBpU4bOIa9I8F175mtqzXHMqW6oJNd oLrdGod0ZHVbjLbSWNz/oX4GvN3v7lEsMi7Q8n0C1Q3sJf3QZzXEWrGLuahNvs3x ubUfCOmlMwolev8TH1aMQWN93+g1qEpToHy/A22YQ/UMjKokmAQ1rxuwRBAUYoiO XJ8gIK8UDapdJ4XW5q8tV+bAjisUrzJAcgET5EH2CmCg/rOyg2dPXH/xWjeB8ygI i2ohpEe/kws2MR5w8NVVsYn6CDyte8cz1SsQGKbKuJYoVIq25KQ3sKoHSMqaGqfz shoVtMEROQ1yse4KrI6FGXaKiu/2tIvi4yHhAmLi/1DScGZgF9bPnqvMEI0qGz7N 3TyYqqXMOxHXYC61T3HBhNVbhvKG5NuQThETLJIy5Y4h1VhoxSBfRhaUD4ipVhav j9Augyzej9yzY2IhfrE3NG8ORAYXBoUxQN1MqJKscwwnCQCibvgYKq9gLkzWG/qo g/hDcaQhKG6TLqerK5R/xqtZKK+ZIh2j1sliFn33PGksq10GTLcVy86xj/3EbX0e AlHUzH2YT7cqXx8Z6U0CAwEAAaOCArkwggK1MBIGCSsGAQQBgjcVAQQFAgMBAAEw IwYJKwYBBAGCNxUCBBYEFL5sVikJdHihcBC/rDrkjVQ2VFwpMB0GA1UdDgQWBBRx rAXJJlpmSqSYrWxDAC4J999cdTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRWcs76Roxk VN+IgLnpPIAseYymGzCCAQEGA1UdHwSB+TCB9jCB86CB8KCB7YaBumxkYXA6Ly8v Q049QWVyb1Jvb3RDQSgxKSxDTj1BRVJPUk9PVENBLENOPUNEUCxDTj1QdWJsaWMl MjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERD PWRzLERDPWJhbGwsREM9Y29tP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFz ZT9vYmplY3RjbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIYuaHR0cDovL3BraS5h ZXJvLmJhbGwuY29tL3BraS9BZXJvUm9vdENBKDEpLmNybDCB+wYIKwYBBQUHAQEE ge4wgeswgawGCCsGAQUFBzAChoGfbGRhcDovLy9DTj1BZXJvUm9vdENBLENOPUFJ QSxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25m aWd1cmF0aW9uLERDPWRzLERDPWJhbGwsREM9Y29tP2NBQ2VydGlmaWNhdGU/YmFz ZT9vYmplY3RjbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MDoGCCsGAQUFBzAC hi5odHRwOi8vcGtpLmFlcm8uYmFsbC5jb20vcGtpL0Flcm9Sb290Q0EoMSkuY3J0 MA0GCSqGSIb3DQEBCwUAA4ICAQBE9bxNwitcPdr5AAZiGfqkc2rcJ+73Fihf06Bp AoHJjZOrETAb2CUC/IAOmbPoLtgoF7CCo6BuqMYigMU+4yX4t+INhgW+tSmqazjy tOR7Z5Sy2oZF70Yo/llh7CclqcWkDufvsLpLH36ItJTt+lNR1JtfPb+hTn19TJEa zCx7OJ9zCBHDAkTgdT+7CQa+3IDyiSRu1VJwHz7jc9M5LhSm+sz0GcrqcfHWozFB ztRIswu33XIcdhmSsl1GOGNiicK8mVkv7FvVu2lk6f7IjxCLVzKo4JZG5RuwGKxi tVYkFJn44qlcNwnaYPNGUeKtRvhsY5K9uuS1PWj4p27zpoufLzVVllN31JwSw1tC PM2WFyIlYkF0ZvNEnjbzqHDSE7AwMJWzIAM9xtFWLOtflM4vbenkyaYIqAE9adDI Eop7O7fENELFHKJgm4Sco0zajwP8djqyh5BKT0cv+D3fVCYP9N0QZUED0MinQenJ pb5k6P/fFZuK95gKg/4xq3iVtfm7I0Yw7c6OUsnrnwo0KbBocB5lXkuEbQHlLLX5 4nka8TWbqCU6nvLDCC67jmyXcH4wrNbubM+BYO1YJlwG6tDShPwQXN3Lnz7WO0Hr /8aR0OGQsl0DC79CTSTwDXpXw4DieenSl4bNdD6p2vCohzEsQqQzTJz9Pv7E3YgZ rmG8sg== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFLDCCAxSgAwIBAgIQGJuN+LMCp49B53NoJRSYYzANBgkqhkiG9w0BAQsFADAV MRMwEQYDVQQDEwpBZXJvUm9vdENBMB4XDTE3MDUwMTIwMzA1MVoXDTI3MDUwMTIw NDA0M1owFTETMBEGA1UEAxMKQWVyb1Jvb3RDQTCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAO0e+HO+l1yma6hexssbShD6GyLngV4PAAiD5TIr4iC3mGqk BuOizfXVjykjAogCY5B0tIQoyapemUN1VsZ4nLQHfxE7z2ATXQ6i/YSnGaSlAtKg B+/KWlohYFkXqAl8NA08LlimOi1H/uysPB/fMqVoVodRyPpt9I6c+eop7cuiWtWl laWcqcaAldL1zERFp73SYRsyr0r/GUlOIM/3br11AOuD+PBQkl2d3eYq2mfM/zX/ q1hYCG+db/WOjq1xgMXOKZXuxYsVkDnQKDIIlw37qEd6J4OonfPC58cXQlhxYZ6F Q2IoL7JAU7B1zvJfX6WSguHbFLE4V7OIIead+IF/OB1zavIFBwA01x867cWS1i19 q0KZAV/LEZPdfxm2tuv3AwF6720Q7s0CHBGNOpZl5n1aYs3Qq46tUgPY1b0SG6QT UGyRHqKv7KHAD/1m5ACxR1gjBPy9lk/O0jlU7aO5IuL27qhhJ45oMuWs9FGXD1Pb phlxkKNK+Tv0MyGmnsMbxfHkGErr2u/Yzq5QPkNU6PqkOQp7Ti2pUOx0nLSrpVW6 7YEaUmVGMfQ94/FSBWENqZ2CCvtYHpRHT5aa29D09do1La+HrBDUNZAGSh8JDZ/V P8n5wed+BIMS6r/g9ppbp3vbcq/6849UywRPoa2hMmv1k+MMu8nSq9yhmmTtAgMB AAGjeDB2MAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRW cs76RoxkVN+IgLnpPIAseYymGzASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQB gjcVAgQWBBRlgJNVvVeNonjw5Pjyp/YHzYloizANBgkqhkiG9w0BAQsFAAOCAgEA 3BRiuqrfadqHZKgGOPWmX8iqaEOkuHS4YGS7mAXTZ8m1ES6Pah1IzkTX1E1+lk2l JutFd/xmGC4U3vx3uhYSn98Y7hi+RqC442aMBZ9kFt8cQfpP32vKr7RUW0vd/Pwm 6ll9sj33HoiUqCRaKjitFLzUwJZQvqIRqQ8jaHixUvf3vmuEafiBPerI7pkHKrhX pE612POEMJRlztK+nURbWGIPOa3l+FgO6oPAeMcKsyG8NBtUVctXOpPXqrMiIcW3 cIdlRHgm6MmGv1kOaqW4kcdGPxkc/7Dtl2Ry/HFXnZ/MksxNOtAF5o8oDeDyixNl 3dScWcJQ1ZOf+m+znWGUu8n1jip1Yh3jJ8r5cn2DMJ5/2GMPMO6XtSzsoYnWFYP8 Y/K9BPbl9bgblxvfrsj/fhlOgG9B5IHprZdqe/FZbheWh8bHcHkswBEqNYomZ/0w l/Ke6jUGcXnnFbtmc/5PVh7+mA3PKF81RokCkTAq6571KbAkAC8xVqGJWPA/WNa9 qC9FEXwsgMIys5sisoITKJg7wSXzeXoCd1ykJRPhgL5TBEzWdIx5X3vc52eaHA8g eQR34H7mxfhkLu6YqSVYImnK3VmZkutnaNQ+lC666UIjCLZl5b/r5zL4bWwv0hVx vYKv3UYDoQUnGI+z9Izvhs97ytPq3yivXng+shH9/xA= -----END CERTIFICATE-----
I also visited gitlab and clicked "Add exception". I then clicked "Get certificate" and refreshed my page. This resolved the issue. However, this did not work for amazon.
Chosen solution
hi, it looks like you're in a corporate environment where all secure network traffic is intercepted/monitored. you could try if the following step helps as it would make firefox import all custom certificates from the windows trust store on your system: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.enterprise_roots.enabled. double-click it and change its value to true and restart once.
Read this answer in context 👍 1All Replies (9)
Chosen Solution
hi, it looks like you're in a corporate environment where all secure network traffic is intercepted/monitored. you could try if the following step helps as it would make firefox import all custom certificates from the windows trust store on your system: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.enterprise_roots.enabled. double-click it and change its value to true and restart once.
philipp said
hi, it looks like you're in a corporate environment where all secure network traffic is intercepted/monitored. you could try if the following step helps as it would make firefox import all custom certificates from the windows trust store on your system: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.enterprise_roots.enabled. double-click it and change its value to true and restart once.
philipp, you are the man! Thanks, this seemed to fixed it. Hopefully, I'm good to go now. Would you be so kind to explain what I just did please verbosely.
philipp, you are the man! Thanks, this seemed to fixed it. Hopefully, I'm good to go now. Would you be so kind to explain what I just did please verbosely. Also will this setting be saved everytime I restart my computer
HI, something here : https://support.umbrella.com/hc/en-us/articles/115000669728-Configuring-Firefox-to-use-the-Windows-Certificate-Store
Please let us know if this solved your issue or if need further assistance.
syost said
Would you be so kind to explain what I just did please verbosely. Also will this setting be saved everytime I restart my computer
This change is saved in Firefox preferences, so if other settings are saved, this one should be, too.
Normally Firefox uses an independent certificate store. The settings change instructs Firefox to trust certificates in the main OS certificate store used by the platform's default browser. The benefit is: easier than importing the proxy's signing certificate. The downside is: if malware infects the platform with a fake certificate, Firefox will trust it, too. That isn't too common on a business system.
Modified by jscher2000 - Support Volunteer
syost said
Would you be so kind to explain what I just did please verbosely. Also will this setting be saved everytime I restart my computer
your it department wants to filter/monitor/eavesdrop all secure connections that are happening from your workstation. they have configured the windows operating system to do so correctly, but left out firefox which is using it's own dedicated trust store. by flipping the mentioned preference, you basically are setting firefox to take a look at the operating system level, which certificates should be trusted to be able to get by the certificate error messages that would be appearing otherwise...
jscher2000
If I change my default browser now from chrome over to firefox will Firefox still have the trust certificates from the main OS cert store even though chrome is no longer the default browser?
Hi syost, the main OS certificate store is part of Windows (or on Mac, MacOS X), not any specific browser. Whether you make Chrome, Edge, Firefox, or Internet Explorer your default browser, this setting still refers to the Windows certificate store.
Modified by jscher2000 - Support Volunteer
Thanks everyone for the help. All issues seem to be resolved as of now from the above suggestions. Cheers~S