This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

only Firefox dont support StartCom one class, what?

  • 10 پاسخ
  • 3 have this problem
  • 1 view
  • آخرین پاسخ توسّط panos45

more options

For site https://lowtek.ca/

Firefox lowtek.ca uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer)

Google chrome

Good

Opera

Good

Ie

Good

Safari

Good

For site https://lowtek.ca/ Firefox lowtek.ca uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer) Google chrome Good Opera Good Ie Good Safari Good

Modified by cor-el

All Replies (10)

more options

And i have this in ubuntu and in windwos

Firefox 18.0

Modified by bobebubab

more options

It is working fine here on Linux and the server sends the intermediate certificate certificate.
Make sure that your system clock is set to the correct date and time.

You can inspect the certificate chain via a website like this:

Note that the site needs to take action: The SSL Certificate will expire on Saturday 5 January 2013 this means it is still valid for 16 days.


Try to rename the cert8.db file in the Firefox profile folder to cert8.db.old or delete the cert8.db file to remove intermediate certificates that Firefox has stored.

If that helped to solve the problem then you can remove the renamed cert8.db.old file.
Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previous intermediate certificates.
Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.

more options

Oke cor-el but i have more sites and any untrasted only firefox.

why is this happening?

All popular browsers chrome, opera, ie, safari support startssl certificate default without further action, but for Firefox to do something with the server settings.

maybe it is not in the server settings and in the firefox?

Thanks you for reply

more options

Did you try to remove the cert8.db database file?

What do the details of the certificate error show about this error?

Is the certificate expired or is there another (common) error?

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer.

You can see more Details like intermediate certificates that are used in the Details pane.

more options

thanks you cor-el for reply but i em understand is all.

chrome, ie, safari, opera is all browsers default supported my sertificat startssl class1 and only firefox dont support default and requires additional settings for this certificate, becouse i think what is mozilla dont want distribution free ssl certificate becouse setting ff what it dont trust default startssl class1.mozilla dont want crypte informations users

sry i dont want show domain

but all browsers supported is certificat and only FF show this page obout dont trusted

screenshot in mindows 8

Modified by bobebubab

more options

cor-el thank you for the directions but I still having the same problems. Site is working in all browser except FF (checked in different machines and FF versions) where I have THE SAME ERROR sec_error_unknown_issuer error

I checked the site at http://www.networking4all.com/en/support/tools/site+check/ and seems everything ok, except the StartCom Class 1 Primary Intermediate Server CA which is in pink background and says that is valid till Monday 22 October 2012 eventhough I have uploaded the most recent one from the http://www.startssl.com/

I'm using a shared web server and the Plesk 10 panel. I would like to ask you if you believe that the server needs a restart in order to send the correct certificate order. (I have also followed this directions http://www.jordicals.com/2010/04/how-to-install-a-free-startssl-certificate-in-plesk/ )

more options

Hi panos45

Can you post a link?


If the SSL check confirms that the server setup is OK then there may be a problem with Firefox.

Try rename the cert8.db file in the Firefox profile folder to cert8.db.old or delete the cert8.db file to remove intermediate certificates that Firefox has stored.

If that helped to solve the problem then you can remove the renamed cert8.db.old file.
Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previous intermediate certificates.
Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.

more options

Just sent you a private message with the link

"cert8.db file in the Firefox profile folder " is in my machine and not in the server, is that correct ?

more options

Yes. The cert8.db file in the Firefox profile folder and not on the server.

You need to install the missing "StartCom Class 1 Primary Intermediate Server CA" intermediate certificate on your servers.

more options

cor-el thank you for your time. I found the cert8.db file and I delete it.

I also reistall "StartCom Class 1 Primary Intermediate Server CA" and the problem solved when the server restarted ! works fine now.