為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

SEC_ERROR_UNKNOWN_ISSUER

  • 3 回覆
  • 1 有這個問題
  • 1 次檢視
  • 最近回覆由 cor-el

more options

We have upgraded to Firefox version 67 recently and the warning message SEC_ERROR_UNKNOWN_ISSUER was shown on every startup of our web application.

In our environment, we are using the root certificate generated by our enterprise.

Before upgrade, the warning message can be dismissed by applying the following policies in policies.json. But it does not work after upgrade. Anyone can help? Thanks. {

   "policies": {
       "Certificates": {
           "ImportEnterpriseRoots": true
       },
  }
 }
We have upgraded to Firefox version 67 recently and the warning message SEC_ERROR_UNKNOWN_ISSUER was shown on every startup of our web application. In our environment, we are using the root certificate generated by our enterprise. Before upgrade, the warning message can be dismissed by applying the following policies in policies.json. But it does not work after upgrade. Anyone can help? Thanks. { "policies": { "Certificates": { "ImportEnterpriseRoots": true }, } }

所有回覆 (3)

more options

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

Websites don't load - troubleshoot and fix error messages

http://kb.mozillazine.org/Error_loading_websites

What do the security warning codes mean


  • MOZILLA_PKIX_ERROR_MITM_DETECTED
  • uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
  • configured their website improperly

How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER

more options

Is the site certificate directly signed by the root certificate, or are there any intermediate certificates?

Firefox 67 added a feature to import intermediate certificates as well as roots, which I suppose could affect the validity of the certificate chain as a whole if there is conflicting information there, or the intermediates supersede the roots somehow. ??

A moderator can move this thread to the "Firefox for Enterprise" board where policy issues are best addressed.

more options

Maybe try to remove existing intermediate certificates for this connection in the Certificate Manager to see if that has effect.