This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Since I updated my Firefox browser to version 29.0.1, my gmail stopped working.

more options

The issue seems to be with the certificate provider's authenticity. The message that I get is: "This Connection is Untrusted". On expanding the 'Technical Details' tab, it says: "mail.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer)".

In the previous version of Firefox, though the security warning was displayed, there was another drop-down called 'I understand the risks' and there used to be an 'Add Exception' button through which I could confirm the exception and continue to gmail but that drop-down is no longer available.

I tried the following options and none of them worked:

1. Started Firefox in Safe Mode and tried accessing gmail. Same error is shown. 2. Deleted the existing Google cookies and also cleared my network cache and history, restarted Firefox, but still same error. 3. Closed Firefox, deleted cert8.db file, restarted firefox, tried opening gmail, again same error. 4. Reset Firefox, still same error.

The issue seems to be with the certificate provider's authenticity. The message that I get is: "This Connection is Untrusted". On expanding the 'Technical Details' tab, it says: "mail.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer)". In the previous version of Firefox, though the security warning was displayed, there was another drop-down called 'I understand the risks' and there used to be an 'Add Exception' button through which I could confirm the exception and continue to gmail but that drop-down is no longer available. I tried the following options and none of them worked: 1. Started Firefox in Safe Mode and tried accessing gmail. Same error is shown. 2. Deleted the existing Google cookies and also cleared my network cache and history, restarted Firefox, but still same error. 3. Closed Firefox, deleted cert8.db file, restarted firefox, tried opening gmail, again same error. 4. Reset Firefox, still same error.

All Replies (14)

more options

Troubleshoot the "Secure Connection Failed" error message

Remove the certificate and import the certificate.

more options

I have already tried deleting / renaming the cert8.db file and restarting FF but the result is same. Moreover, it was working before the FF update to version 29. It stopped working since I updated. If I have not understood / missed anything, please explain me and provide the detailed steps.

more options

Start Firefox in Safe Mode to Troubleshoot the issue and to check if one of the extensions (Firefox/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance).

more options

Hi iamjayakumars,

If you read through my initial problem description, I have already tried safe mode, disabled all extensions and do not use any themes.

I have gone through the links you posted above and tried those steps to no avail.

Even then the issue is there, I even did a reset FF but still the issue is there. I am sure that it is related to some settings being changed in v 29 of FF that has caused this issue.

more options

Create a new profile as a test to check if your current profile is causing the problems. See Creating a profile:

If the new profile works then you can transfer files from a previously used profile to the new profile, but be cautious not to copy corrupted files to avoid carrying over the problem Profile Backup and Restore

more options

Sometimes this problem is caused because your system clock is not set properly. Please check your time and date.

more options

Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

Check out why the site is untrusted and click "Technical Details to expand this section.
If the certificate is not trusted because no issuer chain was provided (sec_error_unknown_issuer) then see if you can install this intermediate certificate from another source.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

  • Note that some firewalls monitor (secure) connections and that programs like Sendori or FiddlerRoot can intercept connections and send their own certificate instead of the website's certificate.
  • Note that it is not recommended to add a permanent exception in cases like this, so only use it to inspect the certificate.
more options

No error on the search page, https://www.google.com/ ? From what I can see, the same "intermediate" certificate is used to sign both certificates.

more options

As mentioned in the initial explanation of my issue:

On expanding the 'Technical Details' tab, it says: "mail.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer)".

"I Understand the Risks" is indeed missing and I tried opening the page (gmail) in an iFrame as well but it did not work. The reason may be that Gmail has a frame buster script that prevents it from running inside a frame.

I have not used any http interceptors like Sendori or FiddlerRoot.

Anyway, the issue is not due to intermediate certs being missing as the error clearly shows that " The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer)".

more options

@jscher2000,

No mate, there is no error on the search page.

more options

@iamjayakumars,

I would try creating a profile, however, I am not sure why that should be an issue because the same website (gmail) was working till the day before FF was updated to v29.

It stopped working right from the moment I updated my FF to v29. Just to add to the information already provided, though the same website did show a certificate error on previous version as well but it also displayed the 'I Understand the Risks' drop-down and allowed me to add the certificate exception and navigate to the website. But, after the upgrade the 'I Understand the Risks' drop-down is gone and there is no way to bypass the exception as well.

more options

Sometimes you get certificate error because your system clock / date is wrong. Check them, and make sure the your location is correct and the computers auto time sync is on.

more options

Hi g_lohiya, you can get "sec_error_untrusted_issuer" for a missing intermediate certificate, but since the same intermediate certificate is used on www.google.com (search) I suspect that is not the issue.

Could you compare your certificate details on www.google.com with the attached? Do you have a different issuer?

Can you think of any proxy software/services you might be running, or other explanation for having to create exceptions for well run sites?

more options

Hi g_lohiya, other browsers have similar certificate viewing dialogs. You could check the Gmail certificate in Internet Explorer or Chrome to see whether it has an unexpected issuer. Some malware that can push certificates transparently into the Windows certificate store (used by IE and Chrome) cannot push them into Firefox, so checking the certificate issuer in IE or Chrome may assist in identifying that kind of malware.