Since latest update, our site produces this error: The certificate is not trusted because no issuer chain was provided.
We are a company with sales almost exclusively through our site. In the past couple of weeks, we have had many reports (The certificate is not trusted because no issuer chain was provided) from our customers who use FireFox. I suspect there has been a recent update. Our site has functioned very well with FireFox until now.
We could not possibly start telling our customers how to adjust their browser settings. We have customers from coast to coast and the complaints are coming from coast to coast. Chrome, Opera, Safari and IE do not have this problem.
פתרון נבחר
You can inspect the certificate chain via a site like this:
Read this answer in context 👍 3כל התגובות (6)
Can you post a URL?
Usually when you get an SSL certificate, the issuer provides an additional certificate (as one file or a "bundle" file) which you install in the same directory. This provides a link between your certificate and the trusted root certificate recognized by Firefox. There may be one or more intermediate certificates, depending on your vendor.
But... unless you updated your certificate recently, I can't think of any change in Firefox that would cause this error to suddenly appear.
By the way, if your users experience this with multiple HTTPS sites, it could be a known issue with certain security suites, as described in these threads:
- firefox suddenly stopped allowing access to Https sites, saying the sites are untrusted. Chrome and ie allow them. What's up?
- Every website i go on, including Mozilla, gives me a "Connection cannot be trusted" screen with no option to permanently approve it
- Firefox will not connect to Tumblr, Facebook, and Google sites.
פתרון נבחר
You can inspect the certificate chain via a site like this:
cor-el's response is pointing in the right direction. But we have yet to solve the problem. However, once we get someone with the right expertise to look at this problem locally; the site suggested by cor-el will help him resolve the problem.
It is curious to me that no other browser has a problem with our certificate.
Can you post a link to a public page that doesn't require authentication (log in) to access it?
Who is the issuer of your certificate?
You will have to install missing intermediate certificates to make the site work properly.
Firefox stores intermediate certificates that servers send automatically in the Certificate Manager for future usage.
If you have never visited a website that did use that same intermediate certificate then Firefox hasn't saved it and you will get an untrusted error.
Can you figure out what certificate is missing by comparing the following dialogs in IE and Firefox? In Firefox, you can access the certificate from the address bar if you added an exception, or using the View Certificate button in the dialog that you would use to add an exception (whether you add it or not).