Vyhľadajte odpoveď

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Seemingly false Invalid Security Certificate messages

  • 6 odpovedí
  • 1 má tento problém
  • 271 zobrazení
  • Posledná odpoveď od Tonnes

more options

Once or twice a day since using my new computer a couple of weeks ago, just while generally browing around the internet, virtually every page that uses 'HTTPS' suddenly stops working. Firefox claims the certificate for the sites aren't recognised and gives the SEC_ERROR_UNKNOWN_ISSUER message. Even the https://support.mozilla.org/ pages become inaccessible because they're https as well. Nothing I've come up with can fix this except restarting the machine, which fixes the issue immediately and every site starts working again.

If every https site was constantly blocked, I'd assume it was just my security software's settings and try to change them, but it's weird that the issue pops up occasionally at seemingly random times. Any ideas? An example of the error message and Advanced details is provided below. Apologies that it's not formatted quite as on the original page.

https://support.mozilla.org/1/firefox/60.0.1/WINNT/en-GB/security-error Peer's Certificate issuer is not recognised. HTTP Strict Transport Security: true HTTP Public Key Pinning: false Certificate chain:


BEGIN CERTIFICATE-----

MIIESTCCAzGgAwIBAgIQavgPtNse4EmNde/CZKvwBDANBgkqhkiG9w0BAQsFADCB gTE6MDgGA1UECwwxZ2VuZXJhdGVkIGJ5IEF2YXN0IEFudGl2aXJ1cyBmb3IgU1NM L1RMUyBzY2FubmluZzEeMBwGA1UECgwVQXZhc3QgV2ViL01haWwgU2hpZWxkMSMw IQYDVQQDDBpBdmFzdCBXZWIvTWFpbCBTaGllbGQgUm9vdDAeFw0xNzA5MjAwMDAw MDBaFw0xODEwMzExMjAwMDBaMIGGMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs aWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEbMBkGA1UEChMSTW96aWxs YSBGb3VuZGF0aW9uMQ8wDQYDVQQLEwZXZWJPcHMxHDAaBgNVBAMTE3N1cHBvcnQu bW96aWxsYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAO+Ba DvZE7ZfhErYk1HjZoAkS9s9SRgXquqVtvqphSfbCdWnpMu5qLHBMCxiBJ673ZhtE 7sy+xRv42+3CRC3ab9KYdTKx6Ttj0+MI5Zr3QHOgky7h/EOClLlrS2HAZbWBx3s6 T7U8n0QnseQiTnJ/tO77GtYvE2k9vf0dz0cLzKaPWOYP1NhCXRSr+oS7A3gBPJV4 uyXYIZGLF2hRxW27H0f9fqSamGQvx6TslX4SyYR4jMX+UqDgqHkqin7m6Wh/MXs6 hEdLCsS4j1cNp8R82q51Y1V9t5h3Rn4VlDOUUP7DwhyvYR5Bn9A6TTrJyR9ct4v4 +gQY0eeNzFYqb8QPAgMBAAGjgbUwgbIwHwYDVR0jBBgwFoAUAzIpRotmp4JBjtU7 Bi5nHc9elSEwHQYDVR0OBBYEFKNcAPirCasC5wR4TwpVz9cQH1ReMDMGA1UdEQQs MCqCE3N1cHBvcnQubW96aWxsYS5vcmeCE3N1cHBvcnQubW96aWxsYS5jb20wDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV HRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQC3wkaJxDEaFEW4DxBI8+IjWxK0 BO3lp4J2c0tINyATOX3+yJkR2SPL99qUMyQYefEL8jriSTGc+q3dHLfASQXmcbzQ eFrhM1g0Hu+MHcqoEZRZlvPVCOpqGrPvBW6w2F7tsiCJ5fdHRSz6WMk8jtRsyMOX hc5WhKpkHPDvgawITXiV67FFyneZwxlmxMmaP/sK2+LYkxN3dCGlJKsGi0NhSwns z3+suUn/+JjDsEvlhRG52a2EKi63OIDwQQ1Vb6lfYKxXMJThk+mSGuy9d2laBlxQ obVWxVEr40pAiHj6tT6+xpZD++Nqh0CTe6tRYxYEByqL4GXmk38z/xN9L4Wf


END CERTIFICATE-----
BEGIN CERTIFICATE-----

MIIEADCCAuigAwIBAgIQOQb11SM5GkiTpIlZU3BAUTANBgkqhkiG9w0BAQsFADCB gTE6MDgGA1UECwwxZ2VuZXJhdGVkIGJ5IEF2YXN0IEFudGl2aXJ1cyBmb3IgU1NM L1RMUyBzY2FubmluZzEeMBwGA1UECgwVQXZhc3QgV2ViL01haWwgU2hpZWxkMSMw IQYDVQQDDBpBdmFzdCBXZWIvTWFpbCBTaGllbGQgUm9vdDAeFw0xMDAxMDExMjAw MDBaFw00MDAxMDExMjAwMDBaMIGBMTowOAYDVQQLDDFnZW5lcmF0ZWQgYnkgQXZh c3QgQW50aXZpcnVzIGZvciBTU0wvVExTIHNjYW5uaW5nMR4wHAYDVQQKDBVBdmFz dCBXZWIvTWFpbCBTaGllbGQxIzAhBgNVBAMMGkF2YXN0IFdlYi9NYWlsIFNoaWVs ZCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2VszUJ7+ghy Or73H2SE1/Ef8H/IdBAD/5Cr2iiC7Rb7uqkLCxPEu/ubq5BxPBXiLh5yUR7oHIEq AmShXri5YlVRQW0SNw9LgyyFSZwYIBP1yMtIzYUauAntBeMPqXkAqY3B54N2Rwaz Z9z2TGVj0DwZ6hep3yYLxyUPeYh7c1IP59oo4RngEGybem/Xt2Cm118NY0zhE8j5 9TTxnZ+uRXi2jujQ529gRoQ/48kVP+V1D1JD+rct/RSrGAhpL2AtYs0irWjWNS1i /pd81LLRAmbomixvi6mFd1c9yRFOXn7skYCTztV94OSEXHV7jT42EM96loGq6cIl M/g6jnwonQIDAQABo3IwcDAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwICBDATBgNV HSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUAzIpRotmp4JBjtU7Bi5nHc9elSEw HwYDVR0jBBgwFoAUAzIpRotmp4JBjtU7Bi5nHc9elSEwDQYJKoZIhvcNAQELBQAD ggEBALGeU2tH59D5zaaS53lS2RgQR+qXrqbMYHQ7D/jciES2/q+J4NZVt1p4F/Zt 0KP38XLM8us+uF7aYyPK/LCQQP49FyUFxAiNSFKHGBcNn1AyeEpVduUk6nYT7nCn 6G2ys+NaaDKqOQ4rZw/8pkREcIDWn61w0lu9YlRrawkD92hsDUwyim5kM8VdPSME 6Z7qEQqoy1n47RGkywMijvPK/CnCUC3iBTbLeju4NDXgFMIj7gRXX8BTyGFOVLAS SE8wXzrFIE0BWVuzvRASQnEtAN7/ICAYYDJC4AhpM5KkDoJQFv9DUPLzKki74DSQ aP/GJ/HKCuwUUZAXTxWzxd5vBTo= -----END CERTIFICATE-----

Všetky odpovede (6)

more options

This may be caused by Avast’s Web Shield component. Try disabling HTTPS scanning in Avast.

See How to troubleshoot security error codes on secure websites for more information.

more options

Yeah, I was hoping there might be a solution that didn't require that. HTTPS scanning seems like something that's worth having 'on', if possible. Also, if that's what was doing it, why would it just decide at some random point that the certificates weren't valid, rather than blocking those sites from the start?

more options

it may seem like it, but having anti-viruses tamper with encrypted connections generally isn't a good idea: http://www.cbc.ca/news/technology/antivirus-software-1.3668746 https://blog.vpn.ac/disable-https-scanning.html

more options

That's... interesting and somewhat scary. Thanks for your help guys, I'll try it and see if the issue stops.

more options

Note that the issuer of the certificate data you posted is Avast.

Subject 	C=US, ST=California, L=Mountain View, O=Mozilla Foundation, OU=WebOps, CN=support.mozilla.org
Issuer 	OU=generated by Avast Antivirus for SSL/TLS scanning, O=Avast Web/Mail Shield, CN=Avast Web/Mail Shield Root
more options

Well, did it stop after disabling HTTPS scanning? If so, please mark any of the above as solution.