ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Missing Microsoft certificates (SEC_ERROR_UNKNOWN_ISSUER)

more options

Hi guys,

I'm running Firefox ESR 52.4.0 (Debian) and 52.4.1 (Windows) and noticed that some Microsoft certificates are not installed by default. https://www.catalog.update.microsoft.com/ gives SEC_ERROR_UNKNOWN_ISSUER.

It turned out, that e. g. Microsoft IT TLS CA 5 is not installed by default.

Source: https://www.microsoft.com/pki/mscorp/cps/default.htm

Installing the certificate manually, solved the issue.

Is it a bug or a feature?

Hi guys, I'm running Firefox ESR 52.4.0 (Debian) and 52.4.1 (Windows) and noticed that some Microsoft certificates are not installed by default. https://www.catalog.update.microsoft.com/ gives SEC_ERROR_UNKNOWN_ISSUER. It turned out, that e. g. Microsoft IT TLS CA 5 is not installed by default. Source: https://www.microsoft.com/pki/mscorp/cps/default.htm Installing the certificate manually, solved the issue. Is it a bug or a feature?

All Replies (4)

more options

Firefox ships with certain trusted root certificates, but most website certificates do require one or more intermediate certificates to complete the chain of trust up to the root.

Usually if a site sends the intermediate certificate to Firefox, there's no problem. It seems fine for me accessing right now in Firefox 56. Also, the SSLLabs test page shows no problems. Perhaps it was a transient glitch?

Large sites that use a Content Distribution Network occasionally have a misconfigured server that doesn't send the intermediate cert(s), so that also could be a factor.

more options

Hmm,

Firefox 57 has the same issue. After creating new profiles, the issue persists.

I'm gonna do some tests later. Thanks for your reply and your technical details.

more options
more options

@Pkshadow

Nope. You are referring to a knowledge base article, not a question.