X
Tap here to go to the mobile version of the site.

Fóram Tacaíochta

Cuireadh an snáithe seo sa chartlann. Cuir ceist nua má tá cabhair uait.

This Connection is untrusted (issuer certificate not trusted)

Postáilte

For the past week I have been unable access internet sites via firefox. I keep getting the "The connection is untrusted" error. It does not matter what site, be it google, Mozilla or Yahoo mail.

I have deleted the cert8.db file, cleaned my history and cache and reset firefox but nothing helps. When I go through the "I understand the risk" steps the sites load but not properly. Usually no pictures will load.

For the past week I have been unable access internet sites via firefox. I keep getting the "The connection is untrusted" error. It does not matter what site, be it google, Mozilla or Yahoo mail. I have deleted the cert8.db file, cleaned my history and cache and reset firefox but nothing helps. When I go through the "I understand the risk" steps the sites load but not properly. Usually no pictures will load.

Tuilleadh mionsonraí faoin chóras

Feidhmchlár

  • User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36

Tuilleadh Eolais

Application Basics
Name
Firefox
Version
23.0
User Agent
Mozilla/5.0 (Windows NT 5.1; rv:23.0) Gecko/20100101 Firefox/23.0
Build Configuration
about:buildconfig
Extensions
Name
Version
Enabled
ID
IDS_SS_NAME
IDS_SS_VERSION
false
{D19CA586-DD6C-4a0a-96F8-14644F340D60}
Microsoft .NET Framework Assistant
0.0.0
false
{20a82645-c095-46ed-80e3-08825760534b}
Important Modified Preferences
Name
Value
browser.cache.disk.capacity
358400
browser.cache.disk.smart_size.first_run
false
browser.cache.disk.smart_size.use_old_max
false
browser.cache.disk.smart_size_cached_value
358400
browser.places.smartBookmarksVersion
4
browser.startup.homepage_override.buildID
20130730113002
browser.startup.homepage_override.mstone
23.0
extensions.lastAppVersion
23.0
network.cookie.prefsMigrated
true
places.database.lastMaintenance
1376512132
places.history.expiration.transient_current_max_pages
84961
plugin.disable_full_page_plugin_for_types
application/pdf
plugin.importedState
true
privacy.sanitize.migrateFx3Prefs
true
Graphics
Adapter Description
Intel(R) HD Graphics Family
Adapter Drivers
igxprd32
Adapter RAM
Unknown
Device ID
0x0102
Direct2D Enabled
Blocked for your graphics driver version.
DirectWrite Enabled
false (0.0.0.0)
Driver Date
12-22-2010
Driver Version
6.14.10.5321
GPU #2 Active
false
GPU Accelerated Windows
1/1 Direct3D 9
Vendor ID
0x8086
WebGL Renderer
Google Inc. -- ANGLE (Intel(R) HD Graphics Family)
AzureCanvasBackend
skia
AzureContentBackend
none
AzureFallbackCanvasBackend
cairo
JavaScript
Incremental GC
true
Accessibility
Activated
false
Prevent Accessibility
0
Library Versions
Expected minimum version
Version in use
NSPR
4.10
4.10
NSS
3.15 Basic ECC
3.15 Basic ECC
NSSSMIME
3.15 Basic ECC
3.15 Basic ECC
NSSSSL
3.15 Basic ECC
3.15 Basic ECC
NSSUTIL
3.15
3.15

philipp
  • Top 10 Contributor
  • Moderator
3016 réiteach 13983 freagra

hello Glockstr, what is the error code that shows under technical details on the error page & what kind of security software is running on your system?

hello Glockstr, what is the error code that shows under technical details on the error page & what kind of security software is running on your system?
cor-el
  • Top 10 Contributor
  • Moderator
12528 réiteach 115514 freagra

Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

Check out why the site is untrusted (click "Technical Details to expand that section) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

Note that some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate.

  • ESET setup -> advanced setup -> extend web and email tree -> SSL
  • SSL protocol: Do not scan SSL protocol
Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar. *https://support.mozilla.org/kb/Secure+Connection+Failed Check out why the site is untrusted (click "Technical Details to expand that section) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source. You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates. *Click the link at the bottom of the error page: "I Understand the Risks" Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate". *Click the "View..." button and inspect the certificate and check who is the issuer of the certificate. You can see more Details like intermediate certificates that are used in the Details pane. If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab". Note that some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate. *ESET setup -> advanced setup -> extend web and email tree -> SSL *SSL protocol: Do not scan SSL protocol

Freagra Cabhrach

www.google.com uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is not trusted.

(Error code: sec_error_untrusted_issuer)

It is a work computer and I believe we use McAffee.

I follow the other directions and viewed the certificate. All looks OK, my time is correct, the certificate isn't set to expire till sometime in October.

www.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer) It is a work computer and I believe we use McAffee. I follow the other directions and viewed the certificate. All looks OK, my time is correct, the certificate isn't set to expire till sometime in October.

Athraithe ag Glockstr ar

cor-el
  • Top 10 Contributor
  • Moderator
12528 réiteach 115514 freagra

Who is the issuer of the certificate?

Who is the issuer of the certificate?
jscher2000
  • Top 10 Contributor
3405 réiteach 30905 freagra

When you view the certificate, do you see anything unusual? I've attached what I see for comparison.

When you view the certificate, do you see anything unusual? I've attached what I see for comparison.
jscher2000
  • Top 10 Contributor
3405 réiteach 30905 freagra

In case the OCSP check is failing, can you see whether you've made that mandatory?

orange Firefox button (or Tools menu) > Options > Advanced > Certificates > "Validation" button

Default is first box checked, second box not checked.

In case the OCSP check is failing, can you see whether you've made that mandatory? orange Firefox button (or Tools menu) > Options > Advanced > Certificates > "Validation" button Default is first box checked, second box not checked.

Freagra Cabhrach

Here is a screen shot of the certificate info I get on this site.

On my browser the OCSP is just as you described. The first box is checked and the second is not.

Here is a screen shot of the certificate info I get on this site. On my browser the OCSP is just as you described. The first box is checked and the second is not.
cor-el
  • Top 10 Contributor
  • Moderator
12528 réiteach 115514 freagra

The screenshot shows that the certificate has been released by "proxysg03", so you appear to be using a proxy.

The screenshot shows that the certificate has been released by "proxysg03", so you appear to be using a proxy.

Úinéir na ceiste

I am not familiar with proxy's but I don't doubt it since this is a work computer. IE and Chrome seem to access the same pages without a problem. I noticed that the problem mainly occurs when the https prefix is used. If I remove the "s" from the address I connect fine but of course can't log into a site without the secured protocol.

I am not familiar with proxy's but I don't doubt it since this is a work computer. IE and Chrome seem to access the same pages without a problem. I noticed that the problem mainly occurs when the https prefix is used. If I remove the "s" from the address I connect fine but of course can't log into a site without the secured protocol.
cor-el
  • Top 10 Contributor
  • Moderator
12528 réiteach 115514 freagra

You can check the connection settings here:

If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.

See "Firefox connection settings":

If you use a proxy and such a proxy doesn't tunnel HTTPS traffic, but builds their own connection and generates its own certificate then only installing a root certificate of that proxy would prevent getting an untrusted error page.

You can check the connection settings here: *Tools > Options > Advanced > Network : Connection > Settings *https://support.mozilla.org/kb/Options+window+-+Advanced+panel If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly. See "Firefox connection settings": *https://support.mozilla.org/kb/Firefox+cannot+load+websites+but+other+programs+can If you use a proxy and such a proxy doesn't tunnel HTTPS traffic, but builds their own connection and generates its own certificate then only installing a root certificate of that proxy would prevent getting an untrusted error page.
philipp
  • Top 10 Contributor
  • Moderator
3016 réiteach 13983 freagra

maybe there is software running on your work computer that monitors or filters webtraffic - when firefox is connecting to secure websites (stating with https://) that looks like a man-in-the-middle attack and since it's not connected to the websites in question directly that's why firefox shows the error page...

maybe there is software running on your work computer that monitors or filters webtraffic - when firefox is connecting to secure websites (stating with https://) that looks like a [http://en.wikipedia.org/wiki/Man-in-the-middle_attack man-in-the-middle attack] and since it's not connected to the websites in question directly that's why firefox shows the error page...
pppeater 0 réiteach 1 freagra

I had this issue on my work computer. It appears that the proxy was intercepting the certificate and returning itself as the issuer. For some reason Firefox did not like that. Anyway, I was able to export the proxy certificate from Chrome and import it into Firefox: Options > Advanced > View Certificates > Authorities > Import

I had this issue on my work computer. It appears that the proxy was intercepting the certificate and returning itself as the issuer. For some reason Firefox did not like that. Anyway, I was able to export the proxy certificate from Chrome and import it into Firefox: Options > Advanced > View Certificates > Authorities > Import