Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I am getting an Insecure Connection issue when I try to go to YouTube. I have tried multple solutions, including the ones on here. What is the solution?

more options

This is the entire message I receive from the site:

Your connection is not secure

The owner of www.youtube.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn more…

Report errors like this to help Mozilla identify and block malicious sites

www.youtube.com uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported.

Error code: SEC_ERROR_UNKNOWN_ISSUER

This is the entire message I receive from the site: Your connection is not secure The owner of www.youtube.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate. Learn more… Report errors like this to help Mozilla identify and block malicious sites www.youtube.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER

All Replies (7)

more options

Hi Hesta, the SEC_ERROR_UNKNOWN_ISSUER may indicate a "man in the middle" of your connection to the site. Could you check this article to see whether any of "the usual suspects" might be coming into play:

How to troubleshoot security error codes on secure websites

Since it is video-specific, do you use any video recording or downloading programs that might be inserting themselves into the connection?


One way to check for more information is to click the SEC_ERROR_UNKNOWN_ISSUER code on the error page and check the additional information Firefox displays. If there is a block of gibberish, that's an encoded version of the suspicious certificate. You could copy/paste that into a reply for a volunteer to decode. (If you want to try it yourself, I usually use this page: https://certlogik.com/decoder/.)

more options

The How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites link doesn't help and that is the entire message received via Firefox. When I try Edge, it is all just the coding that shows up, however, I get the exact same message on Chrome as on Firefox. I do not use any video recording or downloading programs. I even tried other options to try and get around the issue with no resolution.

more options

If you click the underlined SEC_ERROR_UNKNOWN_ISSUER on the error page, does Firefox show the encoded version of the certificate?

more options

https://www.youtube.com/ Peer’s Certificate issuer is not recognized. HTTP Strict Transport Security: true HTTP Public Key Pinning: true Certificate chain: -----BEGIN CERTIFICATE----- MIIDXTCCAsqgAwIBAgIQoUlk7lTDBZZKbdMNciw/1DAJBgUrDgMCHQUAMIGLMSsw KQYDVQQLEyJDcmVhdGVkIGJ5IGh0dHA6Ly93d3cuZmlkZGxlcjIuY29tMSEwHwYD VQQKHhgARABPAF8ATgBPAFQAXwBUAFIAVQBTAFQxOTA3BgNVBAMeMABEAE8AXwBO AE8AVABfAFQAUgBVAFMAVABfAEYAaQBkAGQAbABlAHIAUgBvAG8AdDAeFw0xNTAx MjgwNzAwMDBaFw0yNjAxMjgwNjU5NTlaMGoxKzApBgNVBAsTIkNyZWF0ZWQgYnkg aHR0cDovL3d3dy5maWRkbGVyMi5jb20xITAfBgNVBAoeGABEAE8AXwBOAE8AVABf AFQAUgBVAFMAVDEYMBYGA1UEAxMPd3d3LnlvdXR1YmUuY29tMIGfMA0GCSqGSIb3 DQEBAQUAA4GNADCBiQKBgQDj6m/g1Qp3YnEUj50USsXehoVhtf4isQnshTIgyu01 zNlFfrQtRlIAIGQfWBXhdKA8LR2XTSCvcEFtOOwWvVHZC0XTqAtu5lV4VaYGfpUO x+yox7IJJAYMuPyPWI0gyGmu5OthO9rmraWE61GwugeiknlBYocLXZuln+CLkYGv FwIDAQABo4HpMIHmMAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw gcAGA1UdAQSBuDCBtYAQ4ov/tx9b/SR/mc0jfUQklqGBjjCBizErMCkGA1UECxMi Q3JlYXRlZCBieSBodHRwOi8vd3d3LmZpZGRsZXIyLmNvbTEhMB8GA1UECh4YAEQA TwBfAE4ATwBUAF8AVABSAFUAUwBUMTkwNwYDVQQDHjAARABPAF8ATgBPAFQAXwBU AFIAVQBTAFQAXwBGAGkAZABkAGwAZQByAFIAbwBvAHSCELYUUwD/cT2rQ+BnPB2y YhIwCQYFKw4DAh0FAAOBgQAouVL8Lqolls4O/a6HAhlgRsz2/mrNock3GxMtcooc yPz7fX7Dcu5+a6iYZs2WmK+UXBf1vMgiNGpSVBZXVrNYkWdFrHgeWqotsZGMqwlY xDklQdF4IlKMxcTJtf5UeJHgvs/P7ulN5sYscpqYtHcAY9T99Me7kZKqKwMn6xn8 OA== -----END CERTIFICATE-----

more options

That's the "DO_NOT_TRUST_FiddlerRoot" certificate. I don't know why that is showing up on YouTube and not affecting other sites. This is the only site that has given you an untrusted connection recently?

I assume you do not use Telerik's Fiddler HTTP debugging proxy. So that makes it very suspicious. In 2015, numerous users somehow installed a program named BrowserSafeguard, BrowserSafe, or SafeGuard that used that certificate. This was bundleware they did not install intentionally.

First, could you check your connection setting here:

  • Windows: "3-bar" menu button (or Tools menu) > Options
  • Mac: "3-bar" menu button (or Firefox menu) > Preferences
  • Linux: "3-bar" menu button (or Edit menu) > Preferences
  • Any system: type or paste about:preferences into the address bar and press Enter/Return to load it

In the search box at the top of the page, type proxy and Firefox should filter to the "Settings" button, which you can click.

The default of "Use system proxy settings" piggybacks on your Windows/IE "LAN" setting. "Auto-detect" can lead to a flaky connection. You may want to try "No proxy".

Any difference?


Here's my suggested procedure for tracking down and cleaning up hijackers. I know it seems long, but it's really not that bad.

(1) Open the Windows Control Panel, Uninstall a Program.

After the list loads, click the "Installed on" column heading to group the infections, I mean, additions, by date. This can help in smoking out undisclosed bundle items that snuck in with some software you agreed to install. Be suspicious of everything you do not recognize/remember, as malware often uses important or innocent sounding names to discourage you from removing it.

Take out as much trash as possible here. If you're not sure, feel free to post program names or a screenshot of the list.

(2) Open Firefox's Add-ons page using either:

  • Ctrl+Shift+a (Mac: Command+Shift+a)
  • "3-bar" menu button (or Tools menu) > Add-ons
  • in the Windows "Run" dialog, type or paste
    firefox.exe "about:addons"

In the left column, click Extensions. Then, if in doubt, disable (or Remove, if possible) unrecognized and unwanted extensions. All extensions are optional; the troublemaker might not be obvious from its name.

Any improvement?

(3) You can search for remaining issues with the scanning/cleaning tools listed in this support article: Troubleshoot Firefox issues caused by malware. These on-demand scanners are free and take considerable time to run. If they finish quickly and especially if they require payment, you may have a serious infection. I suggest the specialized forums listed in the article in that case.

Hopefully that will flush anything on your system and in your Firefox that could be a problem.

more options

Ok, that worked, turning it to No Proxy, thank you very much.

more options

You can check your Windows proxy settings to see whether that helps with Edge and Chrome. In older versions, you could access that using

Control Panel > Internet Options > Connections tab > "LAN settings" buton

(Example screenshot attached)