X
點擊此處開啟此網站的行動版。

技術支援討論區

Error code: sec_error_unknown_issuer

已張貼

Hi, I have reviewed many similar posts but none of them works to fix my issue. Issue: "This Connection is Untrusted" with "sec_error_unknown_issuer ". But NO option of "I understand the risk". My firefox suddenly could not access websites such as YAHOO Mail, Google Mail, Facebook, Linkedin....etc while firefox is able to access other regular websites. Other broswers (IE, Chrome) do not have this issue.

Steps taken 1. Confirmed Date & time is correct. 2. "Certificate" shows these websites are in the list 3. Cleared Cache and cookies. 4. I am in company network. So I have to be either "auto-detect proxy" or "use system proxy setting". If I change to "no proxy", then Firefox could not get into any website. 5. deleted cert8.db

None of them worked to fix this issue. Please help to solve this issue. Thanks

Hi, I have reviewed many similar posts but none of them works to fix my issue. Issue: "This Connection is Untrusted" with "sec_error_unknown_issuer ". But NO option of "I understand the risk". My firefox suddenly could not access websites such as YAHOO Mail, Google Mail, Facebook, Linkedin....etc while firefox is able to access other regular websites. Other broswers (IE, Chrome) do not have this issue. Steps taken 1. Confirmed Date & time is correct. 2. "Certificate" shows these websites are in the list 3. Cleared Cache and cookies. 4. I am in company network. So I have to be either "auto-detect proxy" or "use system proxy setting". If I change to "no proxy", then Firefox could not get into any website. 5. deleted cert8.db None of them worked to fix this issue. Please help to solve this issue. Thanks

被選擇的解決方法

IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO READ ALL OF YOUR SECURE TRANSMISSIONS BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.

Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste:

Export

  • In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. Note: In this case, try exporting the ROOT CA certificate at the top of the path.
  • Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location.

Import

  • In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.

I am attaching some screen shots for reference.

Does it work?

從原來的回覆中察看解決方案 14

額外的系統細節

已安裝的外掛程式

  • Adobe PDF Plug-In For Firefox and Netscape 11.0.12
  • Vidyo Web Plugin
  • Citrix Receiver Plugin (Win32)
  • Citrix URL-Redirection Helper Plugin
  • Google Update
  • Office Authorization plug-in for NPAPI browsers
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Shockwave Flash 18.0 r0
  • 5.1.40728.0

應用程式

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0

更多資訊

jscher2000
  • Top 10 Contributor
8792 個解決方法 71909 個答案

The cert8.db file you mentioned is Firefox's certificate store. Internet Explorer and Chrome share the Windows system certificate store, so they can be useful for further research.

Couple questions:

(1) Do you get the problem for ALL secure sites, including, for example, this one or my test page, or is it more selective?

https://jeffersonscher.com/res/jstest.php

(2) Is your company proxy "transparent" or does it occasionally redirect to a notification screen, for example, to warn you about leaving the network? For more information on what I'm driving at, please skim through the following thread:

Yahoo mail gives untrusted connection error (web gateway displays its own page under the address of the destination site).

The cert8.db file you mentioned is Firefox's certificate store. Internet Explorer and Chrome share the Windows system certificate store, so they can be useful for further research. Couple questions: (1) Do you get the problem for ALL secure sites, including, for example, this one or my test page, or is it more selective? https://jeffersonscher.com/res/jstest.php (2) Is your company proxy "transparent" or does it occasionally redirect to a notification screen, for example, to warn you about leaving the network? For more information on what I'm driving at, please skim through the following thread: [https://support.mozilla.org/questions/1084597 Yahoo mail gives untrusted connection error] (web gateway displays its own page under the address of the destination site).

提出問題者

Hey, Jscher2000. Thanks for your feedback!

(1) No. I got the message " "This Connection is Untrusted" " as well. (though your website I could see "I understand the Risks" selection. It is selective, I think. I am able to go into some bank, credit card, brokerage trading website (assuming those are secure sites, right?)

(2) No. I have not being redirected to a notification screen (I did check the description from your provided link)

My version is 41.0 It suddenly has this issue last week. I tried to revert back to older version. 39.0 is totally fine with these websites. But some functions are not working in the older version. So hopefully this 41.0 issue could get fixed......

Very appreciated your input! Thanks!

Hey, Jscher2000. Thanks for your feedback! (1) No. I got the message " "This Connection is Untrusted" " as well. (though your website I could see "I understand the Risks" selection. It is selective, I think. I am able to go into some bank, credit card, brokerage trading website (assuming those are secure sites, right?) (2) No. I have not being redirected to a notification screen (I did check the description from your provided link) My version is 41.0 It suddenly has this issue last week. I tried to revert back to older version. 39.0 is totally fine with these websites. But some functions are not working in the older version. So hopefully this 41.0 issue could get fixed...... Very appreciated your input! Thanks!
jscher2000
  • Top 10 Contributor
8792 個解決方法 71909 個答案

On #1, the main difference is whether the site forbids HTTP access, in that case, Firefox won't allow adding an exception, either.

On my page, could you inspect the certificate? Here's how:

Expand the "I understand the risks" section and look for an Add Exception button. You don't need to complete the process of adding an exception (I suggest not adding one until we know this isn't a malware issue) but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, then View. If View is not enabled, try the Get Certificate button first. Then in the Certificate Viewer, look at the "Issued by" section. What do you find there, and/or under Certificate Hierarchy? I have attached a screen shot for comparison.

On #1, the main difference is whether the site forbids HTTP access, in that case, Firefox won't allow adding an exception, either. On my page, could you inspect the certificate? Here's how: Expand the "I understand the risks" section and look for an Add Exception button. You don't need to complete the process of adding an exception (I suggest not adding one until we know this isn't a malware issue) but you can use the dialog to view the information that makes Firefox suspicious. Click Add Exception, then View. If View is not enabled, try the Get Certificate button first. Then in the Certificate Viewer, look at the "Issued by" section. What do you find there, and/or under Certificate Hierarchy? I have attached a screen shot for comparison.

有幫助的回覆

Thanks. Here you go. Hopefully this is helpful.

Thanks. Here you go. Hopefully this is helpful.
jscher2000
  • Top 10 Contributor
8792 個解決方法 71909 個答案

I assume you see the same information if you visit the same site and check the certificate in IE or Chrome. If not, that's a red flag.

If they are all the same, does it seem normal that "Bloomberg LP" would be intercepting your internet connection? If so, you can try trusting its root certificate. Please follow the export/import procedure in the other thread I linked to earlier to add that top level ROOT CA certificate to Firefox's certificate store.

I assume you see the same information if you visit the same site and check the certificate in IE or Chrome. If not, that's a red flag. If they are all the same, does it seem normal that "Bloomberg LP" would be intercepting your internet connection? If so, you can try trusting its root certificate. Please follow the export/import procedure in the other thread I linked to earlier to add that top level ROOT CA certificate to Firefox's certificate store.

提出問題者

Hi, Jscher2000

Do you mind giving me the link of the procedure please? Tried a while but could not find it. Thanks again!

Hi, Jscher2000 Do you mind giving me the link of the procedure please? Tried a while but could not find it. Thanks again!
jscher2000
  • Top 10 Contributor
8792 個解決方法 71909 個答案

選擇的解決方法

IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO READ ALL OF YOUR SECURE TRANSMISSIONS BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.

Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste:

Export

  • In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. Note: In this case, try exporting the ROOT CA certificate at the top of the path.
  • Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location.

Import

  • In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.

I am attaching some screen shots for reference.

Does it work?

'''IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO ''READ ALL OF YOUR SECURE TRANSMISSIONS'' BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.''' Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste: '''Export''' * In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. ''Note: In this case, try exporting the ROOT CA certificate at the top of the path.'' * Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location. '''Import''' * In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button * Click the Authorities mini-tab and then the "Import" button, and find the DER file. ''Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.'' I am attaching some screen shots for reference. Does it work?

由 jscher2000 於 修改

有幫助的回覆

It WORKED!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! you da man! Thanks so much for your help. Very very appreciated your help!

It WORKED!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! you da man! Thanks so much for your help. Very very appreciated your help!
lith1um 0 個解決方法 2 個答案

I have had the same issue before, i tried every possible fix including exporting the root CA from Chrome and importing in Firefox but it didnt work.

Finally i downloaded ADWCleaner and it detected some strange entries in the registry that looked like proxy.data & proxy.xxx etc.

After running the cleanup process and rebooting the PC, the problem has been resolved!!

I have had the same issue before, i tried every possible fix including exporting the root CA from Chrome and importing in Firefox but it didnt work. Finally i downloaded ADWCleaner and it detected some strange entries in the registry that looked like proxy.data & proxy.xxx etc. After running the cleanup process and rebooting the PC, the problem has been resolved!!