Solved

Firefox Error code: SEC_ERROR_UNKNOWN_ISSUER in firefox when browsing to sites

Posted on 2016-11-01
5
152 Views
Last Modified: 2016-11-08
Hi, I have firefox version 49.0.2 installed.

I have network settings set to Use System Proxy Settings

FireFox Network Settings
If i set it to No Proxy, i can browse fine.  I think it may have something to do with the proxy itself.

I am using a Websense proxy http://*.*.*.*:8083/wpad.dat

I have tried to uninstall and reinstall.

Here is the page i get when trying to browse to www.google.com.
SEC_ERROR_UNKOWN_ISSUER
I can browse fine on anyother browser.  I have tried to research this on google and i found things suggested like Mallware or security software intercepting the way firefox is negotiating protocols with servers i am trying to reach.  But it only occurs when i have a proxy enabled in FireFox Settings.  

please help
0
Comment
Question by:JB Blanco
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 41868779
When you use a proxy, you are actually making two connections in series.  One from the browser to the proxy and then one from the proxy to the target.  It is likely that Websense does not support HSTS which is why you are getting that error.  I believe that the only 'solution' is to not use the proxy with Firefox.

More info:  https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
0
 

Author Comment

by:JB Blanco
ID: 41870544
I have a ticket open with Websense to confirm whether its supported or not.  But in the mean time how can i confirm this on my own?  I dont see how it would'nt be supported.  Is there anything else you can have me try?  is there anyone on this site with experience using Websense Content Gateway Manager in an environment using firefox?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 41870550
HSTS is a relatively new addition to the HTTP/S protocol.  Maybe Websense hasn't caught up yet.  A proxy has to make it's own request to the destination.  It's not just a matter of passing on the original request.

I don't know how you would check it yourself since you can only see one side of the proxy.
0
 

Accepted Solution

by:
JB Blanco earned 0 total points
ID: 41872999
I solved my own question!

The solution to this issue is recorded here

https://support.forcepoint.com/KBArticle?id=Importing-Sub-CA-Certificates-To-Firefox

Basically export the cert from the Content Gateway Following those instructions and then imported into firefox!
0
 

Author Closing Comment

by:JB Blanco
ID: 41878483
It was the correct solution
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ready for our next Course of the Month? Here's what's on tap for June.
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to tho…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question