Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Wannan tattunawa ta zama daɗaɗɗiya. Yi sabuwar tambaya idan ka na bukatar taimako.

SSL Certificates - sec_error_unknown_issuer

  • 17 amsoshi
  • 287 sa na da wannan matsala
  • 1 view
  • Amsa ta ƙarshe daga cor-el

more options

Fix your browser already. Getting these SSL errors on every other site is starting to really get annoying! There is nothing wrong with the SSL certificates or the sites. It's your browser that is unable to verify the certificates.

http://i.imgur.com/52qSNXt.png

Latest addition to the sites that do not work: https://www.inspirepay.com

The latest browser causing nothing but trouble for clients.

Edited for language. Please see Mozilla Support rules and guidelines

Fix your browser already. Getting these SSL errors on every other site is starting to really get annoying! There is nothing wrong with the SSL certificates or the sites. It's your browser that is unable to verify the certificates. http://i.imgur.com/52qSNXt.png Latest addition to the sites that do not work: https://www.inspirepay.com The latest browser causing nothing but trouble for clients. ''Edited for language. Please see [[Forum rules and guidelines]]''

An gyara daga Moses

Mafitar da aka zaɓa

Quote: The browser should come with all Certificate Authorities

Note that Mozilla has a strong policy to decide which CA to include with root certificates.

Required intermediate certificates need to be send by the server to make it possible to build a certificate chain that ends in a root certificate.

Karanta wannan amsa a matsayinta 👍 5

All Replies (17)

more options

hello, the site you provided works fine here - most of the time this kind of error isn't due to an issue with the browser itself, but because security software (which one are you using?) or other potentially unwanted software that is monitoring or intercepting encrypted network traffic on your pc - which looks like a man-in-the-middle attack in firefox & therefore the warning...

could you tell us which issuer information the certificate does contain when you inspect it (see screenshot)?

more options

though on closer inspection the site you have referenced, doesn't properly include its intermediate certificate, so this can lead to problems in certain situations: http://www.sslshopper.com/ssl-checker.html#hostname=https://www.inspirepay.com/

you might have to install the right intermediate certificate manually. go to https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=62&nav=0,20 and download the .crt file. then in firefox go to options > advanced > certificates > view certificates > import... & leave all the checkboxes unticked in the upcoming confirmation dialog...

more options

It is the first certificate ([Intermediate #3] EssentialSSLCA) as listed on this page:

Note that Firefox stores intermediate certificates automatically, so if you have visited a web server before that has send this certificate then you won't get this error.

more options

Why can every other browser like Chrome deal with this without an issue?

The browser should come with all Certificate Authorities and intermediates or at least update them when needed. They are Certificate Authorities for a reason.

An gyara daga skyrant

more options

You wouldn't have seen this error in Firefox if you have visited a web server before that has send this intermediate certificate: philipp wrote above: hello, the site you provided works fine here, so apparently you already had this certificate installed like a lot of us have if you visit many website and have used a specific profile for a longer period (cert8.db isn't included in a reset).

more options

Just for shits and giggles i did a clean install of Win7 + Chrome + IE + Firefox in a VM.

First site i browsed to was: https://www.inspirepay.com

Every browser worked except Firefox.

I rest my case. Fix your browser.

more options

Zaɓi Mafita

Quote: The browser should come with all Certificate Authorities

Note that Mozilla has a strong policy to decide which CA to include with root certificates.

Required intermediate certificates need to be send by the server to make it possible to build a certificate chain that ends in a root certificate.

more options

Hi,

I've experienced this problem too, I keep encountering the same problem with the certificate cannot be found and so I cannot continue to confirm the exception.

What I tried to do is within the Confirm Security Exception dialog (or whatever it is) is change the https to http on the address bar there and the error message changed -- not to mention that the "Confirm Security Exception" button is also enabled after that. I clicked the Exception button to proceed and I think I bypassed it properly.

Hope this helps.

more options

I can't visit Yahoo. I can't visit Google. I can't download FireBug. I can't even visit your very own Firefox themes page http://i58.tinypic.com/106afyb.jpg Fix your browser!

An gyara daga Moses

more options

Hi destinedjagold

Did you check the date and time in the clock on your computer?

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

Note that some firewalls monitor (secure) connections and that programs like Sendori or FiddlerRoot can intercept connections and send their own certificate instead of the website's certificate.

An gyara daga cor-el

more options

I do not want to keep on clicking the "I Understand the Risks" button every.single.freaking.time. I should just go back to Chrome. Let me know when this error is fixed.

more options

I'm having the same problem but with many sites I visited yesterday just fine -- Facebook, Dropbox, and others. ALL obviously trusted sites. The problem most certainly IS with Firefox, and don't give a bunch of crap about what "should" be fine. Some of my error messages aren't even giving me the option of saying "go ahead, I understand the risks." There must be SOME kind of way to change settings or something.

more options

Did you check who is the issuer of the certificate?

Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

Check out why the site is untrusted and click "Technical Details to expand this section.
If the certificate is not trusted because no issuer chain was provided (sec_error_unknown_issuer) then see if you can install this intermediate certificate from another source.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

Note that some firewalls monitor (secure) connections and that programs like Sendori or FiddlerRoot can intercept connections and send their own certificate instead of the website's certificate.

more options

What is an "(i)frame"? Not everybody is a code freak. I'm with the other guy -- FIX your browser! OR AT LEAST tell ME how to fix it in PLAIN ENGLISH.

An gyara daga Moses

more options

I was able to fix this on a friend's Windows 8 PC by uninstalling a piece of software called "Browser Secureguard". Apparently, this is a sneaky piece of Adware that does some tricky things with proxies to serve up video ads while browsing.

more options

I have normal class 1 startssl certificate which uses tons of sites but mine doesnt work too ( http://i.imgur.com/mVt7FLs.png ). Any help? Every other browser works for me as well just fine

more options

The www.vcklan.cz server doesn't send a required intermediate certificate.

  • StartCom Class 1 Primary Intermediate Server CA

You can inspect the certificate chain via a site like this:

You will have to install the intermediate certificate on the server, so that Firefox can build a certificate chain that end to the built-in StartCom Certification Authority root certificate.

The StartCom servers seem to been down for maintenance at this moment, so I can't check for details.