X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

Certificate error on only one of two identical systems?

Posted

I recently installed two COMPLETELY identical Ubuntu 12.04 systems, PC01 and PC02. The browser is latest version of Mozilla Firefox.

When visiting https://www.komplett.dk/k/signin.aspx with PC01, the connection is secure and everything is OK, no error messages. When visiting the same URL with PC02, the following error message is shown:

--- This Connection is Untrusted

You have asked Firefox to connect securely to www.komplett.dk, but we can't confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.

What Should I Do?

If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.

Get me out of here!

Technical Details

www.komplett.dk uses an invalid security certificate.

The certificate is not trusted because no issuer chain was provided.

(Error code: sec_error_unknown_issuer)

I understand the Risks ---

Why is this happening when the systems are COMPLETLY identical? i have tried to delete the profile folder on both systems, but the result is the same. NO certificates has been manually installed on PC01, so that is not the reason. The file size of cert8.db on PC01 is 94K and on PC02 it is 64K, I do not understand how the size can be different when the profiles are newly created.

I would really like to find out why I am experiencing different behaviour with Firefox, on two identical systems, so any suggestions or ideas are very welcome.

Chosen solution

Note that Firefox automatically stores intermediate certificates that servers send in the Certificate Manager for future usage.
So you may not see an error if you have visited a website in the past that did send this intermediate certificate.
If you have never visited a website that uses this same intermediate certificate then Firefox hasn't saved it and you will get an untrusted error.

Read this answer in context 12

Additional System Details

Application

  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0

More Information

cor-el
  • Top 10 Contributor
  • Moderator
10776 solutions 96959 answers

Helpful Reply

The Technical Details show:

www.komplett.dk uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)

The www.komplett.dk server doesn't send a required intermediate certificate.

  • VeriSign Class 3 Extended Validation SSL SGC CA

You can inspect the certificate chain via a site like this:

You can install the intermediate certificate from networking4all site or from this VeriSign page (it is the second one).

Copy the certificate text to a .cer text file and import this file in the Certificate Manager.

  • Options/Preferences > Advanced > Encryption: Certificates - View Certificates
cor-el
  • Top 10 Contributor
  • Moderator
10776 solutions 96959 answers

Chosen Solution

Note that Firefox automatically stores intermediate certificates that servers send in the Certificate Manager for future usage.
So you may not see an error if you have visited a website in the past that did send this intermediate certificate.
If you have never visited a website that uses this same intermediate certificate then Firefox hasn't saved it and you will get an untrusted error.