All Products Support Forum

The error: SEC_ERROR_UNKNOWN_ISSUER.

The certificates use sha256 for their signature algorithm.

Chrome and Edge both see the certificates as valid.

This is a recent change, I believe starting with Firefox 55.

Thanks for any help with this!

My username and password for my university website: https://www.bb.reading.ac.uk/ stopped appearing automatically, and the password only appeared when I typed in my username. I couldn't bothered to type the username every time, so I deleted the website in the 'Saved Password...' section thinking I would be prompted to remember the password again. But it never came up and cannot seem to find a function that would allow me to remember a password for the website.

I am getting this block to a website that I have been using successfully for years. Last successful access was 8 hours ago. Now this error appearing. I have deleted cookies and cache but problem still appears when trying to enter address.

I I receive a "Secure Connection Failed" warning when trying to access a site that I know is trust worthy. The website is https://www.planet.snb.ca.

the error is as follows: "The connection to www.planet.snb.ca was interrupted while the page was loading.

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem."

Is there a way to either completely disable this check, or allow a global pass for all websites?

I am aware that I can add individual websites by clicking the icon in the location bar and telling it to always load plugins to that particular site, however for the particular project I am configuring firefox for this is unfortunately not an option - if I can't turn this off I will need to look into other browser options which would be an incredible pain as right now the setup is perfected minus this one point.

I have had a look in the about:permissions page and the only option there for Plugins is 'Allow' or 'Always ask'. I have this set to allow but clearly that the above warning is not influenced by this.

How can i export my password with Firefox 58.xxx or higher Version? I want a file that i can read with my eyes, not a cryptic file.

How do I disable HTTPS redirect. I am "aware of the risks" blah blah paranoid blah. And well aware of what I'm doing. But for some reason with 32 no everything heads over to https including non-https bookmarks.

No matter how I type it in; HTTP://www.xxxx www.xxxxx

I would like to find some way, by setting, about:config command (or hack if I have to) or even an extension someone could point me to that could stop this maddening overuse of secure transfers.

I am trying to get to a specific port and Firefox blocks the access, https://x.x.x.x:xxxxx. This is the message:

This address uses a network port which is normally used for purposes other than Web browsing. Firefox has canceled the request for your protection.

How can I allow a specific port?

I will soon be getting a new computer. Having a large number of websites and respective access passwords saved in Firefox Mozilla, it would be very convenient to be able to export this information to the new machine after installing Firefox, as one can do with Bookmarks. Is this possible for websites+passwords?

When I did the Firefox Refresh it cleared my entire browser history, bookmarks, logins, passwords, etc...how do I get these back and why would Mozilla create such an insidious button?

HSTS is problematic in that it incorrectly assumes that all users trust the default list of CAs and makes the adding of exceptions impossible even by advanced users.

For example, torproject.org is inaccessible on Firefox unless I am willing to trust DigiCert to never sign a fake certificate either by negligence or by court order of any country in witch they operate, thereby making every https: site ( not just torproject.org ) vulnerable to a MITM attack.

A user disabling CAs in the browser is not unreasonable given the ever growing list of CAs built into Firefox ( each one a potential point of failure ), the number of CAs that have been recently compromised and the very low standards required to obtain a certificate.

While I understand the desire to protect the average user who doesn't understand how certificates work and will click past warnings without reading them, this protection should not come at the expense of more security conscious users.

I would recommend an about:config setting that would allow the creation of exceptions by users who explicitly choose to do so.

So far the only kludge I have been able to come up with is to modify c:\program files\mozilla firefox\xul.dll with a hex editor and replace the sites on the list ( this is far from an ideal solution ).

I get this error message on *any* secure site I go to (youtube, gmail, Wikipedia, even Mozilla.org)

Your connection is not secure

The owner of www.mozilla.org has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Learn more…

Or this one...

Your connection is not secure

The owner of www.youtube.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…

www.youtube.com uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported.

(Error code: sec_error_unknown_issuer)

Checked in Options>Advanced>View Certificates>Authorities and it looks like there are plenty of root certificates there. Tried removing and reinstalling Firefox, and I still get the same error. What's going on? I couldn't even connect to Mozilla.org with Firefox, so I had to post this question with Internet Explorer.

When I try to send an email using Thunderbird, a window that says "SMPT Server Password Required" pops up asking me for my password. This never used to happen. When I enter the password of my associated Gmail account, it says "Login to server smtp.googlemail.com failed". If it's not the password of my associated Gmail account, then what password does it want? Is there a way to change the password?

The ssl certificate on my side did expire but it was renewed a few days later. It's been over a month since it was renewed but I still have Firefox users reporting the error message.

This Connection is Untrusted Techinical Details: eng.fanpageengine.com uses an invalid security certificate. The cerificate expired on 1/31/2013 3:59pm.

This is a link to a 3rd party site that verifies the ssl certificate is current. http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=https%3A%2F%2Feng.fanpageengine.com&protocol=https

I just need the steps they'll need to make Firefix update its record.

Additional information. This doesn't effect everyone visiting my website using Firefox. It seems to only effect people who visited the site while the ssl certificate was expired. However clearing the cache and cookies has no effect.

Thanks for the help.

I created a self-signed CA cert using openssl, and imported it into Firefox, but when I select it in the Certificate Manager under “Your Certificates” and click “View…”, I see the message “Could not verify this certificate because the issuer is not trusted.”

https://www.dropbox.com/s/i38v78802ym9fug/Screenshot%202014-04-15%2010.49.14.png

When I visit the site that I set up with an SSL cert signed by that same self-signed CA cert, I get an untrusted connection warning with the following technical details: “staging.cakemade.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer)”

https://www.dropbox.com/s/rvq00r0pdn99rd6/Screenshot%202014-04-15%2010.57.54.png

When I view the site certificate, it correctly identifies the issuer as the CA cert that I imported, but also displays the message “Could not verify this certificate because the issuer is not trusted.”

https://www.dropbox.com/s/b3no5pdhf9ddx5h/Screenshot%202014-04-15%2010.57.29.png

I am using Firefox Aurora, and apply updates daily. I am using the default settings for OCSP.

https://www.dropbox.com/s/in58viu3q6wkxvn/Screenshot%202014-04-15%2011.02.22.png

What do I need to do to get Firefox to trust the CA cert that I imported?

This plug in has been disabled by Firefox due to vulnerabilities so therefore I see no need to keep it on my system and would like some help in the removal as it does not have an option for doing this. Also when I'm visiting some sites that should be displayed as HTTPS but they only show as HTTP how do I fix this issue??? Any help would greatly appreciated thank you very much cheers.

Some of the user names being saved are errors .. so when you key the username box, i get a 'list' of usernames. A couple have the user name + the password because apparently did not see that the tab key did not move the curser and it was just tagged onto the user name. I'd like to be able to delete or reset the user names. All the forum questions deal with password saving, but I don't save any of my passwords and the user names are automatic unless I turn off the 'Remember search and form history'. Any suggestions?