We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Untrusted connection does not contain I understand the risks

  • 22 replies
  • 49 have this problem
  • 23 views
  • Last reply by dtrager

more options

Trying to access a site where the IP has changed and receive "This Connection is Untrusted" with no option to select I understand the risks. Need assistance in resolving this.

The site worked fine prior to IP change.

Trying to access a site where the IP has changed and receive "This Connection is Untrusted" with no option to select I understand the risks. Need assistance in resolving this. The site worked fine prior to IP change.

Chosen solution

yes, sorry i did edit the second part of the question in, after i have submitted it.

normally the i know the risks section & the possibility of adding an exception should be available for this kind of error - could you check if it showing up at https://mur.at ? thank you...

Read this answer in context 👍 2

All Replies (20)

more options

what error code is shown, when you click on technical details & can you share the site where this is happening?

Modified by philipp

more options

Thanks for the quick reply. The error is (Error code: sec_error_untrusted_issuer

more options

Didn't see the second part of the question. The site is restricted and requires a certificate as well as VPN connectivity from our internal network.

more options

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer.

You can see more Details like intermediate certificates that are used in the Details pane.

Some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate.

more options

Chosen Solution

yes, sorry i did edit the second part of the question in, after i have submitted it.

normally the i know the risks section & the possibility of adding an exception should be available for this kind of error - could you check if it showing up at https://mur.at ? thank you...

more options

cor-el - The problem is there is no link for "I Understand the Risks" That is the issue I am reporting and need assistance with. There is just get me out of here.

more options

madperson - yes it does show at https://mur.at..with the ability to add the exception.

Thanks Danny

more options

can you try to remove the old certificate/exception for this site in firefox > options > advanced > encryption > view certificates > servers & see if it's working afterwards?!

more options

madperson - Tried that and no change. Closed and restarted the browser and still no difference.

more options

ok, then another thing to test: go to firefox > help > troubleshooting information and open the profile directory (then close firefox). in the profile folder rename the files cert_override.txt & cert8.db to something like oldcert... & launch firefox again.

more options

madperson - tried the last thing you suggested and still the same.

Danny

more options

hello, is the site on a ipv6 adress? then bug #633001 might be at work here (although the problem describtion slightly differs from the problem you've described)

another thing to try would be launching firefox in safemode and to see if the "i understand the risk" section is showing up, to make sure that no addons are interfering.

Troubleshoot extensions, themes and hardware acceleration issues to solve common Firefox problems

or in case this fails too, you could try exporting the certificate on another working pc (again in in firefox > options > advanced > encryption > view certificates > servers) into a certificate file & import that again on your firefox.

more options

Safemode did not make any difference. I am having the vendor for the site I am trying to access, which is really an appliance change the SSL cert on that device to see if that will make a difference. Amazing I can access it with I.E. and not Firefox. Will see if that makes a difference.

Will let you know how this progresses.

Thanks Danny

more options

I have a very specific case where I can reproduce this - we basically have the browser pointing to one https URL, and an iframe on it pointing to a different https URL. The untrusted connection in the iframe does not have the "I understand the risks" option. This is a regression from the previous releases.

This is reproducible on FFox 13.0, cleanly installed on a fresh Windows 7 64bit.

I'll be happy to repost this as a new issue if you think it is unrelated to the one in this thread.

more options

hey shrenikd, thank you for looking into the issue. did the regression occur when updating from firefox 12 to v13?

in case you can reproduce the issue, i'd recommend filing a bug report with a detailed description of the issue at https://bugzilla.mozilla.org so that the developers get aware of the issue directly.

more options

Can you add an exception directly via the Certificate Manager?

  • Tools > Options > Advanced : Encryption: Certificates - View Certificates > Servers
more options

madperson: I just found out that this has already been filed - https://bugzilla.mozilla.org/show_bug.cgi?id=756841
I did not test v12 -> v13 since I didn't have a v12, but I clearly remember not hitting this issue on some previous version of Firefox (which unfortunately I don't remember).

cor-el: I opened the iframe in a new tab, added an exception under the "I understand the risks" section and the error didn't show up again as expected. However, the problem is not the error showing up (since it should when the cert is untrusted), but its the missing "I understand the risks" option.

Modified by cor-el

more options

hello shrenikd & dtrager - apparently the hiding of the possibility to add exceptions in an iframe is by design in order to avoid fraudulent attempts to apply a certificate to users who think they are on a different page (see new comments on the bug).

@dtrager - in case the page you're trying to access is embedded in an iframe, right-click the error page, click on "this frame" > "show only this frame" and hopefully you can add an exception in the next step. this should only be necessary once if you choose to permanently store the exception.

more options

@madperson - that helps as it allows access, however not able to add the exception permanently. So it is a work around for the moment until we can figure out what the issue is with the certificates.

Appreciate all of the assistance and suggestions.

Have a great day.

Danny

more options

I have resolved this issue. What I had to do was the following:

right click on the iframe and select view frame info. Copy the address that is presented and add it to server certificates. It allows you to add the exception permanently.

Appreciate the assistance, suggestions etc.

Danny

  1. 1
  2. 2