This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Natao arisiva ity resaka mitohy ity. Mametraha fanontaniana azafady raha mila fanampiana.

Since updating to Firefox 23.0.1, I am unable to connect to our company servers.

  • 20 valiny
  • 45 manana an'ity olana ity
  • 5 views
  • Valiny farany nomen'i LyghtChyld

more options

Since updating to Firefox 23.0.1, I am unable to connect to our company servers. The error message is "Certificate type not approved for application.", and it gives me no option to create an exception.

In previous versions, Firefox gave the option of creating a security exception, and then everything worked as expected. The new version does not give this option, and hence I cannot connect to our company servers.

I can connect using Explorer, Opera, Chrome, etc., without any problems. Only Firefox refuses to connect.

Please advice.

Since updating to Firefox 23.0.1, I am unable to connect to our company servers. The error message is "Certificate type not approved for application.", and it gives me no option to create an exception. In previous versions, Firefox gave the option of creating a security exception, and then everything worked as expected. The new version does not give this option, and hence I cannot connect to our company servers. I can connect using Explorer, Opera, Chrome, etc., without any problems. Only Firefox refuses to connect. Please advice.

All Replies (20)

more options

Try Firefox Safe Mode to see if the problem goes away. Safe Mode is a troubleshooting mode, which disables most add-ons.

(If you're not using it, switch to the Default theme.)

  • Open the Help menu and click on the Restart with Add-ons Disabled... menu item while Firefox is running.

Once you get the pop-up, just select "'Start in Safe Mode"

If the issue is not present in Firefox Safe Mode, your problem is probably caused by an extension, and you need to figure out which one. Please follow the Troubleshoot extensions, themes and hardware acceleration issues to solve common Firefox problems article for that.

To exit the Firefox Safe Mode, just close Firefox and wait a few seconds before opening Firefox for normal use again.

Please report back soon.

more options

Safe mode makes no difference, the behaviour is the same. The new Firefox refuses to allow me to create a security exception in this case, and hence I cannot access our company Web site any more.

Older versions of Firefox are fine, as are Explorer, opera, chrome, etc. Only the latest Firefox had this problem.

more options

The Reset Firefox feature can fix many issues by restoring Firefox to its factory default state while saving your essential information. Note: This will cause you to lose any Extensions, Open websites, and some Preferences.

To Reset Firefox do the following:

  1. Go to Firefox > Help > Troubleshooting Information.
  2. Click the "Reset Firefox" button.
  3. Firefox will close and reset. After Firefox is done, it will show a window with the information that is imported. Click Finish.
  4. Firefox will open with all factory defaults applied.

Further information can be found in the Refresh Firefox - reset add-ons and settings article.

Did this fix your problems?

more options

If a Reset is too drastic, consider testing a new profile and see whether it allows you to make an exception. This should help distinguish between a settings issue (e.g., corrupted file) or a program issue.

Create a new Firefox profile

The new profile will have your system-installed plugins (e.g., Flash), but no themes, extensions, or other customizations. It also should have completely fresh settings databases and a fresh cache folder.

Exit Firefox and start up in the Profile Manager using Start > search box (or Run):

firefox.exe -P

Any time you want to switch profiles, exit Firefox and return to this dialog.

When creating a new profile, I recommend using the default location suggested, and to avoid data loss, not re-using any existing folder. Before deleting unneeded profiles, I suggest making a backup first in case something were to go wrong.

Does the new profile allow you to work with that site?

more options

The problem remains even after creating a new clean profile.

The new Firefox refuses to allow me to create a security exception in this case, and hence I cannot access our company Web site any more.

Older versions of Firefox are fine, as are Explorer, opera, chrome, etc. Only the latest Firefox has this problem.

more options

Is the Add Exception button missing completely? One scenario in which Firefox does not present the Add Exception button is when the problem page is in an iframe. In that case, try right-clicking the error page and use This Frame > Open in a new tab. Not sure whether this applies to your site.

more options

Try to rename the cert8.db file in the Firefox profile folder to cert8.db.old or delete the cert8.db file to remove intermediate certificates that Firefox has stored.

If that helped to solve the problem then you can remove the renamed cert8.db.old file.
Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previous intermediate certificates.
Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.

If that didn't help then remove or rename secmod.db (secmod.db.old) as well.

more options

Where are those files located?

more options

Hi svensktoppen, it's very unlikely that fiddling with certificates will help, if a clean profile didn't solve the problem. Did you try Jscher's suggestion? Here it is again:

Is the Add Exception button missing completely? One scenario in which Firefox does not present the Add Exception button is when the problem page is in an iframe. In that case, try right-clicking the error page and use This Frame > Open in a new tab. Not sure whether this applies to your site.

more options

Also make sure that you do not run Firefox in (permanent) Private Browsing mode (Never Remember History).

  • Tools > Options > Privacy > Firefox will: "Use custom settings for history"
  • Deselect: [ ] "Always use private browsing mode"
more options

Deleting/recreating the certificate files had no effect.

The "iFrame" suggestion does not work either. The page does not display at all, only the Firefox error message:

"Secure Connection Failed: Certificate type not approved for application".

Again, there was no problem accessing this site in previous versions of FireFox, which allowed a security exception to be created. The new version does not, it just displays the error page with no other options.

The site is fine with all other browsers as well. They all allow a security exception to be created. The new Firefox does not.

Looks like a Firefox bug to me.

more options

Did you inspect the certificate in other browsers and possibly in Firefox?

Is the page opened in a frame if you right-click or check the page source (Ctrl+U)?

more options

The page is not opening at all. I just get the error message "Secure Connection Failed: Certificate type not approved for application".

There is no more information provided. And no means of telling the new FireFox to continue, as I know the site and the certificate are both ok.

Other browsers, as well as previous versions of Firefox would allow the creation of a security exception at this point. It appears the new Firefox blocks completely instead, making it impossible to reach my company server in this case.

Sounds like a bug.

more options

Try viewing this thread.

Or this thread.

more options

Thanks for those links. Unfortunately, neither helps in this case.

The problem is that the page is not opening at all. I just get the error message "Secure Connection Failed: Certificate type not approved for application".

There is no more information provided. And no means of telling the new FireFox to continue, even though I know the site and the certificate are both ok.

Since I cannot create a security exception, which all other browsers allow precisely to deal with these cases (including earlier versions of Firefox), I cannot access my company servers.

How do I report this bug, so it can be fixed as soon as possible?

more options

You often can work around an unrecognized root authority by exporting a certificate from another browser and importing it into Firefox as an alternative to creating an exception through the UI. However, this error message seems to be aiming at some other issue, so that might not be the problem in this case.

more options

You can try to experiment with the TLS/SSL3 setting to see if you can find a setting that works.

Current Firefox no longer have a user interface setting to disable TLS or SSL3, but you can make the change on the about:config page.

SSL3 and TLS 1.0 are enabled by default in the current Firefox release.

You can set the security.tls.version.min and security.tls.version.max prefs to 0 to disable TLS (0 means SSL3)
You may need to close and restart Firefox after changing these prefs.

security.tls.version.min = 0
security.tls.version.max = 0
0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, etc.
more options

The issue is not with SSL or TLS. The issue is with Firefox.

Thanks for all the helpful suggestions, but this is clearly a bug in Firefox, where the ability to create a security exception has been disabled in this case.

Other browsers, as well earlier versions of Firefox, allow security exceptions to be created, which completely solves the issue.

How do I go about reporting this bug?

more options

Bugs can be filed here: https://bugzilla.mozilla.org/

It would be helpful to include the details of the certificate as they appear in IE's or Chrome's certificate viewer. This will help identify the reason that Firefox is giving you that particular error (Certificate type not approved for application).

I think you can attach screen captures to a bug report if that is the easiest way to convey the information.

more options

Try setting a new DNS server that's what I had to do to solve the problem, the following link will show you how to do that.

link text