How to view untrusted cert when exception is not available?
I'm trying to troubleshoot an issue were firefox refuses to connect to multiple sites due to the cert not from a known CA (or at least that's what I understand from the error message). I believe the issue is due to the proxy but I need to see the cert to get more information Firefox however, will NOT let me look at the cert and I can't for the life of me find an answer. Exception is not available on these sites so I can't do anything other than look at the error.
Обране рішення
Does this alternative work?
Open this chrome URI by pasting or typing this URI in the location/address bar to open the window to check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field enter the URL of the website
- retrieve the certificate via the "Get certificate" button
- inspect the certificate via the "View..." button
Усі відповіді (4)
Example of the error:
gmail.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.
https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites
https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
http://kb.mozillazine.org/Error_loading_websites
- uses an invalid security certificate SSL_ERROR_BAD_CERT_DOMAIN
- configured their website improperly
How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
Вибране рішення
Does this alternative work?
Open this chrome URI by pasting or typing this URI in the location/address bar to open the window to check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field enter the URL of the website
- retrieve the certificate via the "Get certificate" button
- inspect the certificate via the "View..." button
We don't use a traditional av agent at work so connections aren't rerouted
cor-el, thank you. I was able to pull the cert through the page. Although I believe I tried that before and it didn't work. I find it strange that firefox wont let me look at the offending cert directly from the error page; it makes it very hard to troubleshoot issues.