This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Error code: SEC_ERROR_UNKNOWN_ISSUER on Linux

  • 2 replies
  • 1 has this problem
  • 5 views
  • Last reply by cor-el

eziogale
eziogale
more options

Surfing https://www.asimmetrie.it/ on Firefox 77.0.1 (64-bit) Linux produce SEC_ERROR_UNKNOWN_ISSUER while no error occurs on Windows. Standing on https://www.ssllabs.com/ssltest/analyze.html?d=www.asimmetrie.it Linux is correct because the server's certificate chain is incomplete

Surfing https://www.asimmetrie.it/ on Firefox 77.0.1 (64-bit) Linux produce SEC_ERROR_UNKNOWN_ISSUER while no error occurs on Windows. Standing on https://www.ssllabs.com/ssltest/analyze.html?d=www.asimmetrie.it Linux is correct because the server's certificate chain is incomplete

Chosen solution

Firefox caches intermediate certificates send by a server for future use and can use a stored intermediate certificate in case the server sends an incomplete certificate chain like in this case.
If you have never visited a server that has send this specific certificate (i.e. it isn't cached) then you get the SEC_ERROR_UNKNOWN_ISSUER error, otherwise the page will load without problems.
So on Windows you have this intermediate certificate cached and on Linux you haven't yet cached this intermediate certificate.

Cached intermediate certificates show as "Software Security Device" in the Certificate Manager.

  • Options/Preferences -> Privacy & Security
    Certificates: View Certificates -> Authorities
Read this answer in context 👍 1

All Replies (2)

FredMcD
FredMcD
more options
  • MOZILLA_PKIX_ERROR_MITM_DETECTED
  • uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
  • configured their website improperly

How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER


There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

Websites don't load - troubleshoot and fix error messages

http://kb.mozillazine.org/Error_loading_websites

What do the security warning codes mean

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Chosen Solution

Firefox caches intermediate certificates send by a server for future use and can use a stored intermediate certificate in case the server sends an incomplete certificate chain like in this case.
If you have never visited a server that has send this specific certificate (i.e. it isn't cached) then you get the SEC_ERROR_UNKNOWN_ISSUER error, otherwise the page will load without problems.
So on Windows you have this intermediate certificate cached and on Linux you haven't yet cached this intermediate certificate.

Cached intermediate certificates show as "Software Security Device" in the Certificate Manager.

  • Options/Preferences -> Privacy & Security
    Certificates: View Certificates -> Authorities