X
點擊此處開啟此網站的行動版。

技術支援討論區

Untrusted connection does not contain I understand the risks

已張貼

Trying to access a site where the IP has changed and receive "This Connection is Untrusted" with no option to select I understand the risks. Need assistance in resolving this.

The site worked fine prior to IP change.

Trying to access a site where the IP has changed and receive "This Connection is Untrusted" with no option to select I understand the risks. Need assistance in resolving this. The site worked fine prior to IP change.

被選擇的解決方法

yes, sorry i did edit the second part of the question in, after i have submitted it.

normally the i know the risks section & the possibility of adding an exception should be available for this kind of error - could you check if it showing up at https://mur.at ? thank you...

從原來的回覆中察看解決方案 2

額外的系統細節

受影響的站台

http://

應用程式

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0

更多資訊

philipp
  • Top 25 Contributor
  • Moderator
5332 個解決方法 23544 個答案

what error code is shown, when you click on technical details & can you share the site where this is happening?

what error code is shown, when you click on technical details & can you share the site where this is happening?

由 philipp 於 修改

提出問題者

Thanks for the quick reply. The error is (Error code: sec_error_untrusted_issuer

Thanks for the quick reply. The error is (Error code: sec_error_untrusted_issuer

提出問題者

Didn't see the second part of the question. The site is restricted and requires a certificate as well as VPN connectivity from our internal network.

Didn't see the second part of the question. The site is restricted and requires a certificate as well as VPN connectivity from our internal network.
cor-el
  • Top 10 Contributor
  • Moderator
17703 個解決方法 160151 個答案

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer.

You can see more Details like intermediate certificates that are used in the Details pane.

Some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates. * Click the link at the bottom of the error page: "I Understand the Risks" Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate". * Click the "View..." button and inspect the certificate and check who is the issuer. You can see more Details like intermediate certificates that are used in the Details pane. Some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate.
philipp
  • Top 25 Contributor
  • Moderator
5332 個解決方法 23544 個答案

選擇的解決方法

yes, sorry i did edit the second part of the question in, after i have submitted it.

normally the i know the risks section & the possibility of adding an exception should be available for this kind of error - could you check if it showing up at https://mur.at ? thank you...

yes, sorry i did edit the second part of the question in, after i have submitted it. normally the i know the risks section & the possibility of adding an exception should be available for this kind of error - could you check if it showing up at https://mur.at ? thank you...

提出問題者

cor-el - The problem is there is no link for "I Understand the Risks" That is the issue I am reporting and need assistance with. There is just get me out of here.

cor-el - The problem is there is no link for "I Understand the Risks" That is the issue I am reporting and need assistance with. There is just get me out of here.

提出問題者

madperson - yes it does show at https://mur.at..with the ability to add the exception.

Thanks Danny

madperson - yes it does show at https://mur.at..with the ability to add the exception. Thanks Danny
philipp
  • Top 25 Contributor
  • Moderator
5332 個解決方法 23544 個答案

can you try to remove the old certificate/exception for this site in firefox > options > advanced > encryption > view certificates > servers & see if it's working afterwards?!

can you try to remove the old certificate/exception for this site in firefox > options > advanced > encryption > view certificates > servers & see if it's working afterwards?!

提出問題者

madperson - Tried that and no change. Closed and restarted the browser and still no difference.

madperson - Tried that and no change. Closed and restarted the browser and still no difference.
philipp
  • Top 25 Contributor
  • Moderator
5332 個解決方法 23544 個答案

ok, then another thing to test: go to firefox > help > troubleshooting information and open the profile directory (then close firefox). in the profile folder rename the files cert_override.txt & cert8.db to something like oldcert... & launch firefox again.

ok, then another thing to test: go to firefox > help > troubleshooting information and open the profile directory (then close firefox). in the profile folder rename the files cert_override.txt & cert8.db to something like oldcert... & launch firefox again.

提出問題者

madperson - tried the last thing you suggested and still the same.

Danny

madperson - tried the last thing you suggested and still the same. Danny
philipp
  • Top 25 Contributor
  • Moderator
5332 個解決方法 23544 個答案

hello, is the site on a ipv6 adress? then bug #633001 might be at work here (although the problem describtion slightly differs from the problem you've described)

another thing to try would be launching firefox in safemode and to see if the "i understand the risk" section is showing up, to make sure that no addons are interfering.

Troubleshoot extensions, themes and hardware acceleration issues to solve common Firefox problems

or in case this fails too, you could try exporting the certificate on another working pc (again in in firefox > options > advanced > encryption > view certificates > servers) into a certificate file & import that again on your firefox.

hello, is the site on a ipv6 adress? then [https://bugzilla.mozilla.org/show_bug.cgi?id=633001 bug #633001] might be at work here (although the problem describtion slightly differs from the problem you've described) another thing to try would be launching firefox in safemode and to see if the "i understand the risk" section is showing up, to make sure that no addons are interfering. [[Troubleshoot extensions, themes and hardware acceleration issues to solve common Firefox problems]] or in case this fails too, you could try exporting the certificate on another working pc (again in in firefox > options > advanced > encryption > view certificates > servers) into a certificate file & import that again on your firefox.

提出問題者

Safemode did not make any difference. I am having the vendor for the site I am trying to access, which is really an appliance change the SSL cert on that device to see if that will make a difference. Amazing I can access it with I.E. and not Firefox. Will see if that makes a difference.

Will let you know how this progresses.

Thanks Danny

Safemode did not make any difference. I am having the vendor for the site I am trying to access, which is really an appliance change the SSL cert on that device to see if that will make a difference. Amazing I can access it with I.E. and not Firefox. Will see if that makes a difference. Will let you know how this progresses. Thanks Danny
shrenikd 0 個解決方法 2 個答案

I have a very specific case where I can reproduce this - we basically have the browser pointing to one https URL, and an iframe on it pointing to a different https URL. The untrusted connection in the iframe does not have the "I understand the risks" option. This is a regression from the previous releases.

This is reproducible on FFox 13.0, cleanly installed on a fresh Windows 7 64bit.

I'll be happy to repost this as a new issue if you think it is unrelated to the one in this thread.

I have a very specific case where I can reproduce this - we basically have the browser pointing to one https URL, and an iframe on it pointing to a different https URL. The untrusted connection in the iframe does not have the "I understand the risks" option. This is a regression from the previous releases. This is reproducible on FFox 13.0, cleanly installed on a fresh Windows 7 64bit. I'll be happy to repost this as a new issue if you think it is unrelated to the one in this thread.
philipp
  • Top 25 Contributor
  • Moderator
5332 個解決方法 23544 個答案

hey shrenikd, thank you for looking into the issue. did the regression occur when updating from firefox 12 to v13?

in case you can reproduce the issue, i'd recommend filing a bug report with a detailed description of the issue at https://bugzilla.mozilla.org so that the developers get aware of the issue directly.

hey shrenikd, thank you for looking into the issue. did the regression occur when updating from firefox 12 to v13? in case you can reproduce the issue, i'd recommend filing a bug report with a detailed description of the issue at https://bugzilla.mozilla.org so that the developers get aware of the issue directly.
cor-el
  • Top 10 Contributor
  • Moderator
17703 個解決方法 160151 個答案

Can you add an exception directly via the Certificate Manager?

  • Tools > Options > Advanced : Encryption: Certificates - View Certificates > Servers
Can you add an exception directly via the Certificate Manager? *Tools > Options > Advanced : Encryption: Certificates - View Certificates > Servers
shrenikd 0 個解決方法 2 個答案

madperson: I just found out that this has already been filed - https://bugzilla.mozilla.org/show_bug.cgi?id=756841
I did not test v12 -> v13 since I didn't have a v12, but I clearly remember not hitting this issue on some previous version of Firefox (which unfortunately I don't remember).

cor-el: I opened the iframe in a new tab, added an exception under the "I understand the risks" section and the error didn't show up again as expected. However, the problem is not the error showing up (since it should when the cert is untrusted), but its the missing "I understand the risks" option.

madperson: I just found out that this has already been filed - https://bugzilla.mozilla.org/show_bug.cgi?id=756841<br /> I did not test v12 -> v13 since I didn't have a v12, but I clearly remember not hitting this issue on some previous version of Firefox (which unfortunately I don't remember). cor-el: I opened the iframe in a new tab, added an exception under the "I understand the risks" section and the error didn't show up again as expected. However, the problem is not the error showing up (since it should when the cert is untrusted), but its the missing "I understand the risks" option.

由 cor-el 於 修改

philipp
  • Top 25 Contributor
  • Moderator
5332 個解決方法 23544 個答案

有幫助的回覆

hello shrenikd & dtrager - apparently the hiding of the possibility to add exceptions in an iframe is by design in order to avoid fraudulent attempts to apply a certificate to users who think they are on a different page (see new comments on the bug).

@dtrager - in case the page you're trying to access is embedded in an iframe, right-click the error page, click on "this frame" > "show only this frame" and hopefully you can add an exception in the next step. this should only be necessary once if you choose to permanently store the exception.

hello shrenikd & dtrager - apparently the hiding of the possibility to add exceptions in an iframe is by design in order to avoid fraudulent attempts to apply a certificate to users who think they are on a different page (see new comments on the bug). @dtrager - in case the page you're trying to access is embedded in an iframe, right-click the error page, click on "this frame" > "show only this frame" and hopefully you can add an exception in the next step. this should only be necessary once if you choose to permanently store the exception.

提出問題者

@madperson - that helps as it allows access, however not able to add the exception permanently. So it is a work around for the moment until we can figure out what the issue is with the certificates.

Appreciate all of the assistance and suggestions.

Have a great day.

Danny

@madperson - that helps as it allows access, however not able to add the exception permanently. So it is a work around for the moment until we can figure out what the issue is with the certificates. Appreciate all of the assistance and suggestions. Have a great day. Danny

有幫助的回覆

I have resolved this issue. What I had to do was the following:

right click on the iframe and select view frame info. Copy the address that is presented and add it to server certificates. It allows you to add the exception permanently.

Appreciate the assistance, suggestions etc.

Danny

I have resolved this issue. What I had to do was the following: right click on the iframe and select view frame info. Copy the address that is presented and add it to server certificates. It allows you to add the exception permanently. Appreciate the assistance, suggestions etc. Danny