This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Getting "This Connection is Untrusted" on certain known sites

  • 6 tontu
  • 6 am na jafe-jafe bii
  • 3 views
  • i mujjee tontu mooy Bad2theBone

more options

I will get this error when accessing the following sites: 1. https://www.statefarm.com 2.https://www.cacert.org

I am using Firefox 22 on Fedora 19 x86_64 with Gnome DE

I have a 2nd system running Fedora 19 and FF 22 with no problems.

I will get this error when accessing the following sites: 1. https://www.statefarm.com 2.https://www.cacert.org I am using Firefox 22 on Fedora 19 x86_64 with Gnome DE I have a 2nd system running Fedora 19 and FF 22 with no problems.

All Replies (6)

more options

Please make sure the time and date is properly set on your computer.

more options

Correctly set with ntp enabled and configured for correct tz.

more options

Check out why the site is untrusted (click "Technical Details to expand that section) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

You can also check the certificate in Google Chrome (click icon in the location bar) as that program may be giving a more detailed error report.

more options

I've done this several times and I'll get as the actual error when I view details:

www.statefarm.com uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is not trusted.

(Error code: sec_error_untrusted_issuer)

When I go to add the cert I get the following info about the ca:

(see inserted image)

I had gone through the motions of adding the certificate in Google Chrome and today it seems to be working, but not in FF. Previously (I thing on the 7th) it did not work, but I had reinstalled ca-certificates since then without rechecking it on Chrome.

more options

Do you see this certificate chain?

Try to rename the cert8.db file in the Firefox profile folder to cert8.db.old or delete the cert8.db file to remove intermediate certificates that Firefox has stored.

If that helped to solve the problem then you can remove the renamed cert8.db.old file. Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previous intermediate certificates. Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.

You can use this button to go to the Firefox profile folder:

  • Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)

Also check the date and time in the clock on your computer

more options

I've tried removing cert8.db about 3 times, even copied cert8.db from the working system.

My clock is right on. The BIOS is set to UTC while ntp is set to ET w/ DST enabled.