X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

SEC_ERROR_UNKNOWN_ISSUER

Kuphostiwe

I have been using firefox since beginning of 2003, yes I pretty sure you know what that means. Now I understand that SEC_ERROR_UNKNOWN_ISSUER is a add security feature (okay some people need that) But 90% of the ppl using FF, does not need that. Since I can not turn off that feature, you are violating my net neutrality. You are telling me what websites I can go to, and can not go to. FF went from a slim active Fox, to a out of shape bloated pig. I never thought I would see the day when a Microsoft browser was better FF. Edge is crushing you all stat wise, you are not even on the same playing field.

I have been using firefox since beginning of 2003, yes I pretty sure you know what that means. Now I understand that SEC_ERROR_UNKNOWN_ISSUER is a add security feature (okay some people need that) But 90% of the ppl using FF, does not need that. Since I can not turn off that feature, you are violating my net neutrality. You are telling me what websites I can go to, and can not go to. FF went from a slim active Fox, to a out of shape bloated pig. I never thought I would see the day when a Microsoft browser was better FF. Edge is crushing you all stat wise, you are not even on the same playing field.

Eminye Imininingwane Yohlelo

Fakela amapulagi

  • Shockwave Flash 29.0 r0

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0

Eminye Imininingwane

FredMcD
  • Top 10 Contributor
4220 izisombululo 58909 izimpendulo
Kuphostiwe

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

http://kb.mozillazine.org/Error_loading_websites


  • uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
  • configured their website improperly

How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate. https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message https://support.mozilla.org/en-US/kb/connection-untrusted-error-message http://kb.mozillazine.org/Error_loading_websites *uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN *configured their website improperly How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER

Umnikazi wombuzo

Almost 50,000 answers and this is the best you came up with. Are you a bot or a troll? "There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate." Why would you even state that? All you did was make my point stronger. With them Security Suits you mentioned, if a out of date cert or a bad cert comes up, they still give you the option to proceed. FF does not, Which as I stated, if I can not make the freedom of choice to proceed, then FF is in violation of Net Neutrality.

Almost 50,000 answers and this is the best you came up with. Are you a bot or a troll? "There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate." Why would you even state that? All you did was make my point stronger. With them Security Suits you mentioned, if a out of date cert or a bad cert comes up, they still give you the option to proceed. FF does not, Which as I stated, if I can not make the freedom of choice to proceed, then FF is in violation of Net Neutrality.
cor-el
  • Top 10 Contributor
  • Moderator
17409 izisombululo 157269 izimpendulo
Kuphostiwe

Impendulo Ewusizo

There is always a reason for the SEC_ERROR_UNKNOWN_ISSUER error. This can be a problem with software that acts as a man-in-the-middle and sends its own certificate or a problem with the configuration of the web server that doesn't send required intermediate certificates or something else. You always need to investigate what is wrong in each case and never set a permanent exception, especially in case something is wrong with reputed websites.


You can check if there is more detail available about the issuer of the certificate.

  • click the "Advanced" button show more detail
  • click the blue SEC_ERROR_UNKNOWN_ISSUER message to show the certificate chain
  • click "Copy text to clipboard" and paste the base64 certificate chain text in a reply

If clicking the SEC_ERROR_UNKNOWN_ISSUER text doesn't provide the certificate chain then try these steps to inspect the certificate.

  • open the Server tab in the Certificate Manager
    • Options/Preferences -> Privacy & Security
      Certificates: View Certificates -> Servers: "Add Exception"
  • paste the URL of the website (https://xxx.xxx) in it's Location field.

Let Firefox retrieve the certificate -> "Get Certificate"

  • click the "View" button and inspect the certificate

You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.

There is always a reason for the SEC_ERROR_UNKNOWN_ISSUER error. This can be a problem with software that acts as a man-in-the-middle and sends its own certificate or a problem with the configuration of the web server that doesn't send required intermediate certificates or something else. You always need to investigate what is wrong in each case and never set a permanent exception, especially in case something is wrong with reputed websites. ---- You can check if there is more detail available about the issuer of the certificate. *click the "Advanced" button show more detail *click the blue SEC_ERROR_UNKNOWN_ISSUER message to show the certificate chain *click "Copy text to clipboard" and paste the base64 certificate chain text in a reply If clicking the SEC_ERROR_UNKNOWN_ISSUER text doesn't provide the certificate chain then try these steps to inspect the certificate. *open the Server tab in the Certificate Manager **Options/Preferences -> Privacy & Security<br>Certificates: View Certificates -> Servers: "Add Exception" *paste the URL of the website (https://xxx.xxx) in it's Location field. Let Firefox retrieve the certificate -> "Get Certificate" *click the "View" button and inspect the certificate You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.
guigs 1072 izisombululo 11697 izimpendulo
Kuphostiwe

The people who answer questions here, for the most part, are other Firefox users volunteering alot of their time, not Mozilla employees or Firefox developers.

If you want to leave feedback for Firefox developers, you can go to the Firefox Help menu and select Submit Feedback... or use this link. Your feedback gets collected by a team of people who read it and gather data about the most common issues.

The people who answer questions here, for the most part, are other Firefox users volunteering alot of their time, not Mozilla employees or Firefox developers. If you want to leave feedback for Firefox developers, you can go to the Firefox ''Help'' menu and select ''Submit Feedback...'' or use [https://qsurvey.mozilla.com/s3/FirefoxInput/ this link]. Your feedback gets collected by a team of people who read it and gather data about the most common issues.

Umnikazi wombuzo

I understand why it is checking certs, but normally doesn't your security suit check the certs? Doesn't your operating system check certs? I know about the whole advance(but thank you for your help) How can we disable it? Like you used to be able to with IE.

Open Internet Explorer and click on "Tools," or the gear icon. Click "Internet Options" and click on the "Advanced" tab. Navigate to the "Security" subheading and remove the check marks on both the “Check for publisher's certificate revocation” and “check for server certificate revocation” options.

I thought it was the last option on FF Privacy and Security setting Query OCSP responder(sounds like it should be) If it is not validating the certs, it should go through, or someone forgot the code.

I think most people would be afraid of, creating a new rule. Instead of all of that, advance to another page to create the rule. (for the avg. person they would not know what they are looking at there) One solid color button to proceed and that's it. Or the option to fully turn it off.

I understand why it is checking certs, but normally doesn't your security suit check the certs? Doesn't your operating system check certs? I know about the whole advance(but thank you for your help) How can we disable it? Like you used to be able to with IE. Open Internet Explorer and click on "Tools," or the gear icon. Click "Internet Options" and click on the "Advanced" tab. Navigate to the "Security" subheading and remove the check marks on both the “Check for publisher's certificate revocation” and “check for server certificate revocation” options. I thought it was the last option on FF Privacy and Security setting Query OCSP responder(sounds like it should be) If it is not validating the certs, it should go through, or someone forgot the code. I think most people would be afraid of, creating a new rule. Instead of all of that, advance to another page to create the rule. (for the avg. person they would not know what they are looking at there) One solid color button to proceed and that's it. Or the option to fully turn it off.

Okulungisiwe ngu lllll_saywhy_lllll

Umnikazi wombuzo

I might be wrong but i do not think Apple has a bad cert at browserbench Microsoft Edge lets you through no problem, FF throws the error.

I might be wrong but i do not think Apple has a bad cert at browserbench Microsoft Edge lets you through no problem, FF throws the error.
cor-el
  • Top 10 Contributor
  • Moderator
17409 izisombululo 157269 izimpendulo
Kuphostiwe

The second screenshot would suggest that the server doesn't send intermediate certificates. Firefox needs the server to send a full certificate chain that ends with a builtin trusted root certificate. Other browsers may try to retrieve missing intermediate certificates, but Firefox doesn't do this an show an error.

The second screenshot would suggest that the server doesn't send intermediate certificates. Firefox needs the server to send a full certificate chain that ends with a builtin trusted root certificate. Other browsers may try to retrieve missing intermediate certificates, but Firefox doesn't do this an show an error.