This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Error code: sec_error_untrusted_issuer but 'This site provides valid, verified identification.'

  • 2 replies
  • 114 have this problem
  • 4 views
  • Last reply by cor-el

more options

I cannot access GMail because I get the 'This Connection is Untrusted' page.

The Technical Details are:

mail.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer)

If I click 'Add Exception', in Certificate Status, it says, 'This site provides valid, verified identification. There is no need to add an exception.'

My machine is on a corporate site, behind a firewall and proxy server. The proxy server substitutes the certificate so although it's called mail.google.com, it's issued by our internal CA. I've added the internal CA certificate to the Authorities list (by importing it to Servers and then selecting 'Trust the authenticity of this certificate').

I cannot access GMail because I get the 'This Connection is Untrusted' page. The Technical Details are: mail.google.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is not trusted. (Error code: sec_error_untrusted_issuer) If I click 'Add Exception', in Certificate Status, it says, 'This site provides valid, verified identification. There is no need to add an exception.' My machine is on a corporate site, behind a firewall and proxy server. The proxy server substitutes the certificate so although it's called mail.google.com, it's issued by our internal CA. I've added the internal CA certificate to the Authorities list (by importing it to Servers and then selecting 'Trust the authenticity of this certificate').

All Replies (2)

more options

Make sure you have SSL and TLS on, they are in the advanced options menu.

ARTICLES TO READ.

AND

more options

Try to remove that CA certificate and re-import it once again.

You can also try to delete or rename the cert8.db file before importing this proxy CA certificate.

Did you place a tick in all trust bits (Edit)?