Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

SSL_ERROR_UNKNOWN_CA_ALERT, but all CA certificates are be installed already and exceptions don't work

  • 5 uphendule
  • 1 inale nkinga
  • 28 views
  • Igcine ukuphendulwa ngu astrojuanlu

astrojuanlu
astrojuanlu
more options

I am on Linux Mint, Firefox 100.0 and I am trying to access a website, https://www.citapreviadnie.es:38188 (requires personal DNIe certificate). However, I keep getting SSL_ERROR_UNKNOWN_CA_ALERT. If I view the certificate of the website,

1. Firefox doesn't tell me which part of the chain is invalid or not trusted (or I don't see it) 2. When I try to download and import each of the CA certificates, I get an alert saying "This certificate is already installed as a certificate authority." 3. If I try to import the whole chain, I get another alert telling me "This is not a certificate authority certificate, so it can’t be imported into the certificate authority list." 4. If I try to add a permanent exception to the site, I see "This site attempts to identify itself with invalid information", but if I click "view certificate" I'm back to step 1, and adding the exception does not have any effect.

What am I supposed to do now?

I am on Linux Mint, Firefox 100.0 and I am trying to access a website, https://www.citapreviadnie.es:38188 (requires personal DNIe certificate). However, I keep getting SSL_ERROR_UNKNOWN_CA_ALERT. If I view the certificate of the website, 1. Firefox doesn't tell me which part of the chain is invalid or not trusted (or I don't see it) 2. When I try to download and import each of the CA certificates, I get an alert saying "This certificate is already installed as a certificate authority." 3. If I try to import the whole chain, I get another alert telling me "This is not a certificate authority certificate, so it can’t be imported into the certificate authority list." 4. If I try to add a permanent exception to the site, I see "This site attempts to identify itself with invalid information", but if I click "view certificate" I'm back to step 1, and adding the exception does not have any effect. What am I supposed to do now?
Ama-screenshot ananyekiwe

All Replies (5)

FredMcD
FredMcD
more options

Web search: https://www.bing.com/search?q=SSL_ERROR_UNKNOWN_CA_ALERT https://bugzilla.mozilla.org/show_bug.cgi?id=1582926 Bug 1582926 Opened 3 years ago Closed 3 years ago SSL_ERROR_UNKNOWN_CA_ALERT on a two way SSL website with custom CA

astrojuanlu
astrojuanlu Umnikazi wombuzo
more options

From the last comment:

> Fixed with Firefox 72 if you import your Client-certificate before accessing the Site. Otherwise you will get the annoying SSL_ERROR_BAD_CERT_ALERT error. Firefox now select the correct Client-certificate is more than one is available.

I understand that I have to delete my imported client certificate and import it again then. I'll try that and report back.

astrojuanlu
astrojuanlu Umnikazi wombuzo
more options

Unfortunately, doing this doesn't work.

FredMcD
FredMcD
more options

I called for more help.


There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-firefox-did-not-connect

https://support.mozilla.org/en-US/kb/websites-dont-load-troubleshoot-and-fix-errors

What do the security warning codes mean

astrojuanlu
astrojuanlu Umnikazi wombuzo
more options

I'm on Linux and I don't have, to my knowledge, any software that might be doing that.