Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

Why isn't the "DIgiCert Global CA G2" intermediate cert loaded in the FF trusted store?

more options

I have a website FF will not trust because the Digicert Global CA G2 intermediate isn't automatically loaded into the FF trusted store. Please add this intermediate cert ASAP.

I have a website FF will not trust because the Digicert Global CA G2 intermediate isn't automatically loaded into the FF trusted store. Please add this intermediate cert ASAP.

All Replies (3)

more options

Hi, only root certificates of certificate authorities will ship in the Firefox trust store by default. Intermediate certs that chain up to a trusted certificate authority are getting cached by Firefox for future use though. If you have a website that isn't trusted by default, it's most likely that the server isn't properly serving the intermediate certificate chained up to the trusted root. Please refer to the support resources of your cert's seller on how to implement that.

more options

You can check the server.

more options

Hi johnljordan, if you installed the certificate yourself (literally uploaded the file to the server), check your issuer's instructions on whether you need to also upload a bundle file that contains all the necessary intermediate certificates to complete the chain of trust. Usually you do.

If you bought the certificate through CPanel or it was otherwise installed by your web host, point them to your SSLLabs test results and ask them to fix it.