How do I allow self signed certificate in FF 61?
Hi
I am trying to access a site with a self signed certificate and there is no option to add a security exception. Get this code: SEC_ERROR_UNKNOWN_ISSUER
Have added a security exception through settings but still can't access the site.
What is going on??
All Replies (3)
Can you post the certificate data?
You can check if there is more detail available about the issuer of the certificate.
- click the "Advanced" button show more detail
- click the blue error text (SEC_ERROR_UNKNOWN_ISSUER) to show the certificate chain
- click "Copy text to clipboard" and paste the base64 certificate chain text in a reply
If clicking the blue error text doesn't provide the certificate chain then try these steps to inspect the certificate.
- open the Servers tab in the Certificate Manager
- Options/Preferences -> Privacy & Security
Certificates: View Certificates -> Servers: "Add Exception"
- Options/Preferences -> Privacy & Security
- paste the URL of the website (https://xxx.xxx) in it's Location field
Let Firefox retrieve the certificate -> "Get Certificate"
- click the "View" button and inspect the certificate
You can see detail like the issuer of the certificate and intermediate certificates in the Details tab.
BEGIN CERTIFICATE-----
MIID1zCCAr8CCQCyIVKOm3lw7TANBgkqhkiG9w0BAQsFADCBrDELMAkGA1UEBhMC QUExFDASBgNVBAgMC0REb1MtRmlsdGVyMRQwEgYDVQQHDAtERG9TLUZpbHRlcjEU MBIGA1UECgwLRERvUy1GaWx0ZXIxCzAJBgNVBAsMAkNBMSMwIQYDVQQDDBpwcm90 ZWN0QEREb1MtRmlsdGVyLmRvbWFpbjEpMCcGCSqGSIb3DQEJARYacHJvdGVjdEBE RG9TLUZpbHRlci5kb21haW4wHhcNMTgwMTA4MTA0MTI2WhcNMjcxMDA4MTA0MTI2 WjCBrTELMAkGA1UEBhMCQUExFDASBgNVBAgMC0REb1MtRmlsdGVyMRQwEgYDVQQH DAtERG9TLUZpbHRlcjEUMBIGA1UECgwLRERvUy1GaWx0ZXIxFDASBgNVBAsMC0RE b1MtRmlsdGVyMRswGQYDVQQDDBJERG9TLUZpbHRlci5kb21haW4xKTAnBgkqhkiG 9w0BCQEWGnByb3RlY3RARERvUy1GaWx0ZXIuZG9tYWluMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEApcTkt6gJC/nhup2t7pMfO2Q0/N6D+faZGdUpNzuI 9OEBLpgJBDWLn3S/EkNoUd/sNxWZ1b6ZfZN6HhbBHg8L4iq/kMuGbak4tkQp8W3H dU9sBl4Sey4Xr73UlffEtp2Z/FctUkh64mAKMgRwZNEa4JOukbp/4uEMr6su3O8b 7lzLJEAJUfSYsxSrRJxFLzVJj+ZWJcnxPL3AWEnjDnqGkAP7Yiskw/2mS0t+yz3C YIYfIbbv/yGwPORsKM+b5fOISuSuIx1qu61gqnaHJmEkHz7tPk0IWSL7ipEiXNPp 58em6+x6R0eg+8Kcnf385WwDAXj1SUsyDqpWgRLsI1oyMwIDAQABMA0GCSqGSIb3 DQEBCwUAA4IBAQAW+7V+f4GsNGspP04xXnbiLjMAVyLllxySstANjorUe0C8/2bi K0bcpZudPfw2tY0XyDOqFsyi0gQlsqiD7IXOyM2uXZ57ymc/GhcTCPGaKvq23OKS lryKu67nDHEFxM4do+bRWkHi8WkTqAxxJmBy2+0J6Aky3j7Zrr2DsloDMZSItEQt n4eMRU4+yJWD5pC+WpTexZGKFdSHQxdpZs1iowB0uIXQmiLWQEMSNrXZArqv4iwk Byoo1p5Mb6u1TgMEX+yhs8ijlGwU1WH85uh5Pl0y0QnVu6M4Q+beZ4895OefTxBm MpUGLeCV+XmGyP6hnyF+7ouHYgkdRI5TRhof
END CERTIFICATE-----
This issuer of the certificate is DDoS-Filter.domain. A Google search brings up results like these that seem to indicate that this is a problem with the website that is protected with some DDos protection service that may not work properly and their certificate is send instead of the certificate from the website.