Join the Mozilla’s Test Days event from 9–15 Jan to test the new Firefox address bar on Firefox Beta 135 and get a chance to win Mozilla swag vouchers! 🎁

Този сайт ще има ограничена функционалност, докато се извършва тече неговата поддръжка. Ако дадена статия не може реши проблема ви и искате да зададете въпрос, нашата общност е готова да ви помогне на @firefox в Twitter и /r/firefox в Reddit.

Avatar for Username

Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

Тази тема беше архивирана. Моля, задайте нов въпрос ако имате нужда от помощ.

CA Signed Certificate shows as "not valid"

  • 4 отговора
  • 1 има този проблем
  • 391 изгледи
  • Последен отговор от jCubed

jCubed
jCubed
more options

There is a certificate for an internal website that FireFox is saying is not valid/secure and it makes you add an exception. However, if you use IE, Edge or Chrome it loads fine with the valid CA Certificate. I've cleared all data (cache/etc...) and it hasn't fixed it. Hopefully someone has a fix for this?

Getting "SEC_ERROR_UNKNOWN_ISSUER" for the certificate and its saying: 

   Peer’s Certificate issuer is not recognized.
   HTTP Strict Transport Security: false
   HTTP Public Key Pinning: false


FireFox Version: 91.8.0esr (64-bit) Operating System: Windows 10 (64-bit)

There is a certificate for an internal website that FireFox is saying is not valid/secure and it makes you add an exception. However, if you use IE, Edge or Chrome it loads fine with the valid CA Certificate. I've cleared all data (cache/etc...) and it hasn't fixed it. Hopefully someone has a fix for this? Getting "SEC_ERROR_UNKNOWN_ISSUER" for the certificate and its saying: Peer’s Certificate issuer is not recognized. HTTP Strict Transport Security: false HTTP Public Key Pinning: false FireFox Version: 91.8.0esr (64-bit) Operating System: Windows 10 (64-bit)

Променено на от jCubed

Избрано решение

Firefox does not use the operating system certificate store by default.

Can you go to about:config and search for the preference

security.enterprise_roots.enabled

and change it to true and see if that fixes things?

Прочетете този отговор в контекста 👍 1

Всички отговори (4)

Mike Kaply
Mike Kaply
  • Moderator
more options

Избрано решение

Firefox does not use the operating system certificate store by default.

Can you go to about:config and search for the preference

security.enterprise_roots.enabled

and change it to true and see if that fixes things?

jCubed
jCubed Задаващият въпроса
more options

So, that fixed it, thanks! But why would that matter? The certificate is loaded to the server itself. The certificate was not loaded to GPO, windows store or anything else. Only applied to the server itself.

Mike Kaply
Mike Kaply
  • Moderator
more options

My guess is that your company uses a custom certificate authority for that site (not a public one) and they load that CA into Windows expecting it to work.

jCubed
jCubed Задаващият въпроса
more options

That could be. Just not disclosed to us after its generated on specifically what they did. Thanks!