Firefox - BurpCA issues and Error: SEC_ERROR_UNTRUSTED_ISSUER
Good Morning, I am trying to solve FireFox CA issues for the last two days. I am using BurpPro for work.
I generated new Burp CA Cert (cacert.der) file and imported it via Settings to the list of certificates. I can see the Burp cacert imported. NOTE: When importing I CAN'T SEE THE SCREEN ASKING FOR "this cert can trust websites, mail etc."
Now, when navigating to HTTPS website ie httpS://example.com I see message: "Secure Connection Failed An error occurred during a connection to example.com. Peer's certificate issuer has been marked as not trusted by the user. Error code: SEC_ERROR_UNTRUSTED_ISSUER" But going to http://example.com is OK (so this issue is only for httpS websites)
Why? [angry face] I was reading a lot of support topics over help here. The trick with removing cert8.db file don't help. I restored the FF to it's factory settings. Didn't help. I am after installing the FFDev edition (as a separate browser) and the same issue Secure Connection Failed
An error occurred during a connection to example.com. Peer's certificate issuer has been marked as not trusted by the user. Error code: SEC_ERROR_UNTRUSTED_ISSUER occur!
The very same BurpCA Cert working on Chrome and IE. I asked the same question on BurpSupport - no answer... as yet.
Using:
Windows7 Pro 64 bit
FF 43.0.4 ; FFDev 45.0a2
All Replies (5)
Did you happen by this https://bugzilla.mozilla.org/show_bug.cgi?id=1126034 ? There is one workaround someone applied with CentOS and a fair bit of information regarding the error types (and what caused it in the case of TinyCA). My knowledge is limited regarding certificates, so googling for old solutions was the best I can do - I can see you've tried a couple already.
Modified
According to Burp Support (link attached), when importing BurpCA certyficate I should get a question about "In the dialog box that pops up, check the box "Trust this CA to identify web sites", and click "OK".
I can't see this dialog box neither in Firefox or Firefox Dev ed. Why? Where I can reset this setting? Can't see anything over in Windows System registry or in about:config
The UI may have changed since Burp made those instructions; you should see the difference in 43 already since there's no dialog box for Options (it's a tab now).
You can edit the setting by selecting the certificate and selecting Edit Trust, "identify websites" should be the first option you can select.
Can you post a link to a publicly accessible page (i.e. no authentication or signing on required) where such a certificate is used?
Hi, this has been bugging me, and I have been looking for an answer, I am hoping that you can see it and it helps