This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

تلاش سپورٹ

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

مزید سیکھیں

Missing Microsoft certificates (SEC_ERROR_UNKNOWN_ISSUER)

  • 4 جواب دیں
  • 1 میں یہ مسئلہ ہے
  • 3 دیکھیں
  • آخری جواب بذریعہ RANDOM_ACCOUNT

more options

Hi guys,

I'm running Firefox ESR 52.4.0 (Debian) and 52.4.1 (Windows) and noticed that some Microsoft certificates are not installed by default. https://www.catalog.update.microsoft.com/ gives SEC_ERROR_UNKNOWN_ISSUER.

It turned out, that e. g. Microsoft IT TLS CA 5 is not installed by default.

Source: https://www.microsoft.com/pki/mscorp/cps/default.htm

Installing the certificate manually, solved the issue.

Is it a bug or a feature?

Hi guys, I'm running Firefox ESR 52.4.0 (Debian) and 52.4.1 (Windows) and noticed that some Microsoft certificates are not installed by default. https://www.catalog.update.microsoft.com/ gives SEC_ERROR_UNKNOWN_ISSUER. It turned out, that e. g. Microsoft IT TLS CA 5 is not installed by default. Source: https://www.microsoft.com/pki/mscorp/cps/default.htm Installing the certificate manually, solved the issue. Is it a bug or a feature?

تمام جوابات (4)

more options

Firefox ships with certain trusted root certificates, but most website certificates do require one or more intermediate certificates to complete the chain of trust up to the root.

Usually if a site sends the intermediate certificate to Firefox, there's no problem. It seems fine for me accessing right now in Firefox 56. Also, the SSLLabs test page shows no problems. Perhaps it was a transient glitch?

Large sites that use a Content Distribution Network occasionally have a misconfigured server that doesn't send the intermediate cert(s), so that also could be a factor.

more options

Hmm,

Firefox 57 has the same issue. After creating new profiles, the issue persists.

I'm gonna do some tests later. Thanks for your reply and your technical details.

more options
more options

@Pkshadow

Nope. You are referring to a knowledge base article, not a question.