This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I cannot override my "SEC_ERROR_UNKNOWN_ISSUER" because there is no "Add Exception" link after I click on "Advanced".

  • 7 ردود
  • 14 have this problem
  • 1 view
  • آخر ردّ كتبه cor-el

more options

I followed the instructions on the support article about this error, but I cannot override the error as it describes because after I click on "Advanced", there is no "Add Exception" link or button. This is a US government website that has worked on this laptop, on my Firefox browser, until this day.

Here is the original message that comes up when I attempt to load the page:

"The owner of wawf.eb.mil has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."

Then, when I click on "Advanced", it says:

"The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported."

Thank you kindly for your time and help!

I followed the instructions on the support article about this error, but I cannot override the error as it describes because after I click on "Advanced", there is no "Add Exception" link or button. This is a US government website that has worked on this laptop, on my Firefox browser, until this day. Here is the original message that comes up when I attempt to load the page: "The owner of wawf.eb.mil has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate." Then, when I click on "Advanced", it says: "The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported." Thank you kindly for your time and help!
Attached screenshots

الحل المُختار

It is impossible to add a security exception for HSTS enabled websites :(

You could try clearing your history, that removes the HSTS info sometimes.

Read this answer in context 👍 3

All Replies (7)

more options

الحل المُختار

It is impossible to add a security exception for HSTS enabled websites :(

You could try clearing your history, that removes the HSTS info sometimes.

more options

That website uses DoD certificates.

See:

PKI CA Certificate Bundles: PEM Self-Extracting ZIP:

more options

Thank you for that information. Unfortunately, I am not a CAC user and accessed the website previously in a non-CAC way, through username and password. Even if I were to set up a CAC reader like those links describe, I wouldn't be able to use it. I do appreciate your time and effort, though!

more options

Sakuhl said

It is impossible to add a security exception for HSTS enabled websites :( You could try clearing your history, that removes the HSTS info sometimes.

Thank you for that information! That does explain the reason for the lack of "exception" option. I will try to clear my browser's history, cookies, and cache when I get to a working stopping point, but I do clear it fairly frequently and have not had this problem before. I'll update once I've tried it again.

more options

You do not need to have a CAC, you only need to install the DoD certificates.

You can use these instructions for Linux to import the DOD certificates in the Firefox Certificate Manager.

See Install the DoD Root and Intermediate CA Certificates

more options

cor-el said

You do not need to have a CAC, you only need to install the DoD certificates. You can use these instructions for Linux to import the DOD certificates in the Firefox Certificate Manager. See Install the DoD Root and Intermediate CA Certificates

Thank you, I appreciate the depth of your answer. After I cleared my history/cache/cookies under guidance of the last poster, I was able to gain access. You answer may have been a good solution, but I didn't need to get that far. Thanks again!

more options

There should be no need to create an exception if you can easily fix this by adding the required certificates to the Firefox Certificate Manager. Creating an exception should be the last resort when you can't fix it otherwise. All government website use these DoD certificates and they may have been installed in Windows in case other browsers work, but Firefox uses its own certificate store and you need to install certificates yourself.