This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This Connection is untrusted (issuer certificate not trusted)

  • 12 replies
  • 96 have this problem
  • 30 views
  • Last reply by pppeater

more options

For the past week I have been unable access internet sites via firefox. I keep getting the "The connection is untrusted" error. It does not matter what site, be it google, Mozilla or Yahoo mail.

I have deleted the cert8.db file, cleaned my history and cache and reset firefox but nothing helps. When I go through the "I understand the risk" steps the sites load but not properly. Usually no pictures will load.

For the past week I have been unable access internet sites via firefox. I keep getting the "The connection is untrusted" error. It does not matter what site, be it google, Mozilla or Yahoo mail. I have deleted the cert8.db file, cleaned my history and cache and reset firefox but nothing helps. When I go through the "I understand the risk" steps the sites load but not properly. Usually no pictures will load.

All Replies (12)

more options

hello Glockstr, what is the error code that shows under technical details on the error page & what kind of security software is running on your system?

more options

Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

Check out why the site is untrusted (click "Technical Details to expand that section) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

Note that some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate.

  • ESET setup -> advanced setup -> extend web and email tree -> SSL
  • SSL protocol: Do not scan SSL protocol
more options

www.google.com uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is not trusted.

(Error code: sec_error_untrusted_issuer)

It is a work computer and I believe we use McAffee.

I follow the other directions and viewed the certificate. All looks OK, my time is correct, the certificate isn't set to expire till sometime in October.

Modified by Glockstr

more options

Who is the issuer of the certificate?

more options

When you view the certificate, do you see anything unusual? I've attached what I see for comparison.

more options

In case the OCSP check is failing, can you see whether you've made that mandatory?

orange Firefox button (or Tools menu) > Options > Advanced > Certificates > "Validation" button

Default is first box checked, second box not checked.

more options

Here is a screen shot of the certificate info I get on this site.

On my browser the OCSP is just as you described. The first box is checked and the second is not.

more options

The screenshot shows that the certificate has been released by "proxysg03", so you appear to be using a proxy.

more options

I am not familiar with proxy's but I don't doubt it since this is a work computer. IE and Chrome seem to access the same pages without a problem. I noticed that the problem mainly occurs when the https prefix is used. If I remove the "s" from the address I connect fine but of course can't log into a site without the secured protocol.

more options

You can check the connection settings here:

If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.

See "Firefox connection settings":

If you use a proxy and such a proxy doesn't tunnel HTTPS traffic, but builds their own connection and generates its own certificate then only installing a root certificate of that proxy would prevent getting an untrusted error page.

more options

maybe there is software running on your work computer that monitors or filters webtraffic - when firefox is connecting to secure websites (stating with https://) that looks like a man-in-the-middle attack and since it's not connected to the websites in question directly that's why firefox shows the error page...

more options

I had this issue on my work computer. It appears that the proxy was intercepting the certificate and returning itself as the issuer. For some reason Firefox did not like that. Anyway, I was able to export the proxy certificate from Chrome and import it into Firefox: Options > Advanced > View Certificates > Authorities > Import