LeaderSSL-Support: offline:
Mo-Fr 9:00 - 18:00 MEZ
Kundendienst Abrechnung:

Montag - Freitag:
9:00 - 18:00 MEZ

Technischer Support:

Montag - Freitag:
9:00 - 18:00 MEZ

Bestellsystem/Zertifikatsausstellung:

Rund um die Uhr

  1. Hilfe
  2. SSL Hilfe
  3. Firefox HTTPS Error Codes

Sie fragen - wir antworten!

Firefox HTTPS Error Codes

Firefox HTTPS Error Codes

If Firefox cannot verify the authenticity of a certificate, it will display the page “Your connection is not secure” with an error code.

In this article, we will review the following error codes: SEC_ERROR_UNKNOWN_ISSUER, MOZILLA_PKIX_ERROR_MITM_DETECTED, ERROR_SELF_SIGNED_CERT.

If you see an error page with the message "SEC_ERROR_UNKNOWN_ISSUER" or "MOZILLA_PKIX_ERROR_MITM_DETECTED", this means that the certificate was issued by a certification authority unknown to Firefox.

One of two things might happen: this warning appears on a variety of HTTPS sites or this warning only pops up on one specific site. Let's look at both cases, because the causes and ways to get rid of the warning will vary.

1) Warning pops up on different HTTPS sites

If the MOZILLA_PKIX_ERROR_MITM_DETECTED error occurs on different HTTPS sites that are not related to each other, this could mean that your connection is being intercepted by a proxy server. The reasons for this may vary:

  • Antivirus and security scanners that analyze encrypted connections.
  • Malicious software that performs certificate spoofing.

If the error was caused by the antivirus, the general solution is as follows: you need to reinstall the antivirus software so that Firefox automatically inserts its security certificates into own certificate store.

There are also solutions for individual antiviruses:

Avast

Interception of secure connections in Avast can be disabled using the following steps:

  1. Go to Avast.
  2. Go to Menu> Settings> Components and select Customise.
  3. Untick Enable HTTPS Scanning item. Click OK.

Bitdefender

In Bitdefender, you can disable the interception of secure connections as follows:

  1. Open the Bitdefender application
  2. In Bitdefender 2016, go to the Modules section. In Bitdefender 2015 go to the Protection section. 
  3. Choose Web Protection.
  4. Disable Scan SSL.

Kaspersky

Disabling interception of secure connections in Kaspersky is as follows: 

  1. Open antivirus.
  2. Select Settings in the bottom-left corner.
  3. Choose Additional -> Network
  4. If you are using a version of Kaspersky 2016, then in the section “Encrypted connections scanning” select the item “Do not scan encrypted connections”. If you are using a version of Kaspersky 2015, then untick “Scan encrypted connections”.
  5. Restart the system for the changes to take effect.

Other antiviruses should have similar options.

What other reasons may lead to errors "SEC_ERROR_UNKNOWN_ISSUER" or "MOZILLA_PKIX_ERROR_MITM_DETECTED":

  • Family Safety settings in Windows®.
  • Corporate traffic filtering / monitoring solutions (contact your IT department to solve this problem).
  • Malicious software.

2) Warning pops up only on one site

If the warning appears only on one particular site, then this indicates that the web server has the wrong settings. Below we will look at some common reasons for this:

The certificate is issued by a certification authority owned by Symantec. Starting with Firefox 63, all Symantec certificates (as well as GeoTrust, RapidSSL, Thawte) automatically lost trust in Mozilla.

In this case, the warning MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED (or SEC_ERROR_UNKNOWN_ISSUER) is displayed.

The site administrators had to re-issue their Symantec SSL certificates to DigiCert with Digicert roots.

No intermediate certificates. In this case, the problem is solved by restoring the full certificate chain.

Self-signed certificates. Such certificates generate an ERROR_SELF_SIGNED_CERT error in Firefox. By default, they are not trusted.

How to solve the problem for a separate site

Attention: we strongly recommend that you DO NOT make an exception for well-known sites (Facebook, Google, etc.) or sites where financial transactions take place. In this case, an invalid certificate indicates the risk of interception of your connection by third parties.

How to add a site to browser exceptions:

  1. On the warning page, select Advanced item.
  2. Click Add Exception… 
  3. Analyse the certificate and select Confirm Security Exception if you are sure that the site can be trusted.

Done! If you have any questions, please contact our managers.

 

#firefox #Fehlercode

Haben Sie noch Fragen? Schreiben Sie uns!

Ich akzeptiere die Bedingungen

Mit der Eingabe Ihrer E-Mail bestätigen Sie, dass Sie die Website gelesen und akzeptiert haben Geschäftsbedingungen, Datenschutzrichtlinie und Geld-zurück-Garantie.

>