Software, Technology

How-to: Fix Untrusted Connections in Firefox

Firefox - this connection is untrustedWith so much of our daily lives now conducted via the internet, from paying bills to accessing medical services, online banking and shopping, if you can’t trust your browser to take you to the right site, what do you do?

And what do you do when it is the right site but the browser thinks otherwise?

It’s all to do with certificates and identification.

In Firefox, security is taken very seriously. Any web address that starts with https has an encrypted link based on the presentation of a ‘certificate’ to identify itself. Which is fine as long as Firefox determines that the site you’re visiting is actually the site that it claims to be. If there is a problem with the certificate – as I have with one of my client sites – you will see the ‘This Connection Is Untrusted’ alert page.

Connection Untrusted 
The alert doesn’t necessarily mean that the certificate is fraudulent or broken – it just means that Firefox isn’t able to verify the identity of the website, and rightly advises you to proceed with care. Several problems can cause Firefox to reject an https certificate.

I’m Not a Certificate, Get Me Out of Here
If you don’t have the nerve or the know-how to deal with the alert, the safest thing to do is to click the ‘Get me out of here!’ button. If you can read the tea leaves in the Technical Details section, you might be able to make a judgement call or take action in respect of incorrect identification. The ‘I understand the risks’ option declares you are willing to risk a connection that could be vulnerable to eavesdropping (I’ve never dropped any eaves, have you?).

If you can, check in with the owners of the website; they may not know there’s a problem. If, like my client, there’s an ongoing issue with a certain certificate, it may be perfectly safe to continue.

Technical Information
Some common errors are:

  • Certificate will not be valid until (date). Somebody deployed a certificate early – it’s not valid yet.
  • (site name) uses an invalid security certificate. The certificate will not be valid until (date). (Error code: sec_error_expired_issuer_certificate). Also a date issue – probably yours. If your computer clock has the wrong date – the date given in the error message in the past – your system needs setting correctly.
  • The certificate expired on (date). Somebody forgot to renew the certificate.
  • (site name) uses an invalid security certificate. The certificate expired on (date). (Error code: sec_error_expired_certificate). Also expired.
  • Certificate is only valid for (site name), (site name) uses an invalid security certificate. The certificate is only valid for (site name). (Error code: ssl_error_bad_cert_domain). This is potentially the bad one; the identification sent to you by the site is actually for another site. It’s also possible the certificate is for a different part of the same site or domain. For example,, and are different addresses. The certificate for one does not authenticate the other.
  • (site name) uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer). Some anti-virus software will trigger this message if you have enabled SSL scanning – ESET or BitDefender go off on this one. Try to disable this option.
  • (site name) uses an invalid security certificate. The certificate is not trusted because it is self-signed. (Error code: sec_error_untrusted_issuer). Self-signed certificates may make a secure connection but prove nothing of the actual identity of the site owner.
  • (site name) uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer). This one you can do something about.

Firefox can sometimes trash authentication files in user profile folders. A certificate that was valid suddenly becomes unrecognised, but nothing changed. It’s possible the file cert8.db in your profile folder may have become corrupted. You can close Firefox and delete this file.

Deleting Cert8.db
Into the rabbit warren we go:

  1. Open your profile folder by going to the top of the Firefox window, click on the Firefox button, choose the ‘Help’ menu and then ‘Troubleshooting Information’.
  2. In ‘Application Basics’, select ‘Show Folder’ to open a new window listing your profile files.
  3. At the top of the Firefox window, click on the Firefox button and select ‘Exit’ to close the browser. The profile window remains open.
  4. Click on the file named ‘cert8.db’.
  5. Press ‘Delete’.
  6. Restart Firefox.

A new cert8.db will be created when you restart Firefox. This is normal.

I Understand the Risks
You can bypass the warning if you’re confident both of the identity of the website and of the integrity of your connection. You can add the site as a security exception and carry on using it.

  1. On the warning page, click ‘I Understand the Risks’.
  2. Click ‘Add Exception’… The ‘Add Security Exception’ dialog will appear.
  3. Read the text describing the problems with this site.
  4. Click ‘Confirm Security Exception’ if you want to trust the site.

However, few legitimate public sites will run for long with an invalid certificate; nor should you. RC

More information at:

About Robin Catling

Robin Catling gained degrees in both arts and technology which led to a diverse portfolio of employment. A freelance systems analyst, project manager and business change manager for the likes of American Express, British Airways and IBM, he moved on to web design, journalism and technical authoring. He has also worked in film and television, both behind and in front of the camera, including productions by Steven Spielberg, Martin Scorcese, Ron Howard and Ridley Scott. A qualified three-weapon coach, he runs West Devon Swords teaching sports fencing to all age groups, and in recent years qualified with the British Federation of Historical Swordplay to teach medieval and renaissance combat in the Historical Western Martial Arts.


8 thoughts on “How-to: Fix Untrusted Connections in Firefox

  1. will you care if I tweet this post?

    Posted by 6796Bofinger | Mar 9, 2014, 12:28 am
  2. I read your blog from time to time and I own a similar one and I was just curious if you get a lot of spam responses? If so how do you prevent it, any plugin or anything you can recommend?

    Posted by jacquelyn heiman | Mar 28, 2014, 6:25 pm
  3. thanks i change my computers date & time & solve my error problem

    Posted by Sandeep Mahule | Jul 3, 2014, 12:54 pm
  4. C:\Users\******(your user account)\AppData\Roaming\Mozilla\Firefox .
    find the “profile” Folder.
    Delete it.
    And you are done.

    Posted by despo_b | Nov 6, 2015, 5:45 am
  5. You may perform clearing the cache or add the website to trusted. if these steps aren’t working so far

    I Actually found a solution to this error message

    Solution 3. From this website

    Posted by Claire Grant | Feb 16, 2018, 1:06 am


  1. Pingback: How-to: View and clear SSL Certificate Exceptions on Firefox | Everything Express - Jul 8, 2014

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Twitter Updates

Follow us on Twitter @EverythingExpre

Find Us on Facebook

Enter your email address to follow this blog and receive notifications of new posts by email.



BBC World News

BBC World News
Opens the BBC World News page.
%d bloggers like this: