I cannot override my "SEC_ERROR_UNKNOWN_ISSUER" because there is no "Add Exception" link after I click on "Advanced".
I followed the instructions on the support article about this error, but I cannot override the error as it describes because after I click on "Advanced", there is no "Add Exception" link or button. This is a US government website that has worked on this laptop, on my Firefox browser, until this day.
Here is the original message that comes up when I attempt to load the page:
"The owner of wawf.eb.mil has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."
Then, when I click on "Advanced", it says:
"The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported."
Thank you kindly for your time and help!
Vybrané riešenie
It is impossible to add a security exception for HSTS enabled websites :(
You could try clearing your history, that removes the HSTS info sometimes.
Čítať túto odpoveď v kontexte 👍 3Všetky odpovede (7)
Vybrané riešenie
It is impossible to add a security exception for HSTS enabled websites :(
You could try clearing your history, that removes the HSTS info sometimes.
That website uses DoD certificates.
See:
PKI CA Certificate Bundles: PEM Self-Extracting ZIP:
Thank you for that information. Unfortunately, I am not a CAC user and accessed the website previously in a non-CAC way, through username and password. Even if I were to set up a CAC reader like those links describe, I wouldn't be able to use it. I do appreciate your time and effort, though!
Sakuhl said
It is impossible to add a security exception for HSTS enabled websites :( You could try clearing your history, that removes the HSTS info sometimes.
Thank you for that information! That does explain the reason for the lack of "exception" option. I will try to clear my browser's history, cookies, and cache when I get to a working stopping point, but I do clear it fairly frequently and have not had this problem before. I'll update once I've tried it again.
You do not need to have a CAC, you only need to install the DoD certificates.
You can use these instructions for Linux to import the DOD certificates in the Firefox Certificate Manager.
See Install the DoD Root and Intermediate CA Certificates
cor-el said
You do not need to have a CAC, you only need to install the DoD certificates. You can use these instructions for Linux to import the DOD certificates in the Firefox Certificate Manager. See Install the DoD Root and Intermediate CA Certificates
Thank you, I appreciate the depth of your answer. After I cleared my history/cache/cookies under guidance of the last poster, I was able to gain access. You answer may have been a good solution, but I didn't need to get that far. Thanks again!
There should be no need to create an exception if you can easily fix this by adding the required certificates to the Firefox Certificate Manager. Creating an exception should be the last resort when you can't fix it otherwise. All government website use these DoD certificates and they may have been installed in Windows in case other browsers work, but Firefox uses its own certificate store and you need to install certificates yourself.