為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Error code: sec_error_unknown_issuer

  • 9 回覆
  • 258 有這個問題
  • 1 次檢視
  • 最近回覆由 lith1um

more options

Hi, I have reviewed many similar posts but none of them works to fix my issue. Issue: "This Connection is Untrusted" with "sec_error_unknown_issuer ". But NO option of "I understand the risk". My firefox suddenly could not access websites such as YAHOO Mail, Google Mail, Facebook, Linkedin....etc while firefox is able to access other regular websites. Other broswers (IE, Chrome) do not have this issue.

Steps taken 1. Confirmed Date & time is correct. 2. "Certificate" shows these websites are in the list 3. Cleared Cache and cookies. 4. I am in company network. So I have to be either "auto-detect proxy" or "use system proxy setting". If I change to "no proxy", then Firefox could not get into any website. 5. deleted cert8.db

None of them worked to fix this issue. Please help to solve this issue. Thanks

Hi, I have reviewed many similar posts but none of them works to fix my issue. Issue: "This Connection is Untrusted" with "sec_error_unknown_issuer ". But NO option of "I understand the risk". My firefox suddenly could not access websites such as YAHOO Mail, Google Mail, Facebook, Linkedin....etc while firefox is able to access other regular websites. Other broswers (IE, Chrome) do not have this issue. Steps taken 1. Confirmed Date & time is correct. 2. "Certificate" shows these websites are in the list 3. Cleared Cache and cookies. 4. I am in company network. So I have to be either "auto-detect proxy" or "use system proxy setting". If I change to "no proxy", then Firefox could not get into any website. 5. deleted cert8.db None of them worked to fix this issue. Please help to solve this issue. Thanks

被選擇的解決方法

IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO READ ALL OF YOUR SECURE TRANSMISSIONS BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.

Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste:

Export

  • In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. Note: In this case, try exporting the ROOT CA certificate at the top of the path.
  • Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location.

Import

  • In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.

I am attaching some screen shots for reference.

Does it work?

從原來的回覆中察看解決方案 👍 14

所有回覆 (9)

more options

The cert8.db file you mentioned is Firefox's certificate store. Internet Explorer and Chrome share the Windows system certificate store, so they can be useful for further research.

Couple questions:

(1) Do you get the problem for ALL secure sites, including, for example, this one or my test page, or is it more selective?

https://jeffersonscher.com/res/jstest.php

(2) Is your company proxy "transparent" or does it occasionally redirect to a notification screen, for example, to warn you about leaving the network? For more information on what I'm driving at, please skim through the following thread:

Yahoo mail gives untrusted connection error (web gateway displays its own page under the address of the destination site).

more options

Hey, Jscher2000. Thanks for your feedback!

(1) No. I got the message " "This Connection is Untrusted" " as well. (though your website I could see "I understand the Risks" selection. It is selective, I think. I am able to go into some bank, credit card, brokerage trading website (assuming those are secure sites, right?)

(2) No. I have not being redirected to a notification screen (I did check the description from your provided link)

My version is 41.0 It suddenly has this issue last week. I tried to revert back to older version. 39.0 is totally fine with these websites. But some functions are not working in the older version. So hopefully this 41.0 issue could get fixed......

Very appreciated your input! Thanks!

more options

On #1, the main difference is whether the site forbids HTTP access, in that case, Firefox won't allow adding an exception, either.

On my page, could you inspect the certificate? Here's how:

Expand the "I understand the risks" section and look for an Add Exception button. You don't need to complete the process of adding an exception (I suggest not adding one until we know this isn't a malware issue) but you can use the dialog to view the information that makes Firefox suspicious.

Click Add Exception, then View. If View is not enabled, try the Get Certificate button first. Then in the Certificate Viewer, look at the "Issued by" section. What do you find there, and/or under Certificate Hierarchy? I have attached a screen shot for comparison.

more options

Thanks. Here you go. Hopefully this is helpful.

more options

I assume you see the same information if you visit the same site and check the certificate in IE or Chrome. If not, that's a red flag.

If they are all the same, does it seem normal that "Bloomberg LP" would be intercepting your internet connection? If so, you can try trusting its root certificate. Please follow the export/import procedure in the other thread I linked to earlier to add that top level ROOT CA certificate to Firefox's certificate store.

more options

Hi, Jscher2000

Do you mind giving me the link of the procedure please? Tried a while but could not find it. Thanks again!

more options

選擇的解決方法

IMPORTANT: MAKE SURE YOU TRUST THE INTERMEDIARY TO READ ALL OF YOUR SECURE TRANSMISSIONS BEFORE USING THIS SOLUTION. CHECK FOR MALWARE FIRST.

Actually it was a chain of one link, then another, then a clarification, so it's probably easiest to copy/paste:

Export

  • In the IE or Chrome certificate viewer, click the cert you want to export in the Certification Path tab and use the View Certificate button to open it directly. Note: In this case, try exporting the ROOT CA certificate at the top of the path.
  • Then click the Details tab and click the Copy to file button. This starts the Export Wizard. Use the DER format and save to a convenient location.

Import

  • In Firefox, open the Certificate Manager using: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button
  • Click the Authorities mini-tab and then the "Import" button, and find the DER file. Note: I suggest allowing the certificate for websites only unless your IT suggests otherwise.

I am attaching some screen shots for reference.

Does it work?

由 jscher2000 - Support Volunteer 於 修改

more options

It WORKED!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! you da man! Thanks so much for your help. Very very appreciated your help!

more options

I have had the same issue before, i tried every possible fix including exporting the root CA from Chrome and importing in Firefox but it didnt work.

Finally i downloaded ADWCleaner and it detected some strange entries in the registry that looked like proxy.data & proxy.xxx etc.

After running the cleanup process and rebooting the PC, the problem has been resolved!!