Author Topic: I've got problem with SEC_ERROR_UNKNOWN_ISSUER  (Read 6354 times)

0 Members and 1 Guest are viewing this topic.

Offline tdyholy4114

  • Newbie
  • *
  • Posts: 1
I've got problem with SEC_ERROR_UNKNOWN_ISSUER
« on: December 09, 2017, 10:21:01 AM »
Hi there, My name's Teddy.
So after a reinstall of Firefox (I had removed Firefox public and it disabled my Firefox ESR and Nightly both), almost all https sites are blocked off by Avast. If I disable https scanning, there is no problem. If I add an exception, pages in that domain work correctly.
ทางเข้าufabet
With scanning enabled, I get SEC_ERROR_UNKNOWN_ISSUER on almost every https site, including even Mozilla's own site. The message says that the sites have been configured incorrectly. Really? The problem is within Avast's Web Shield behavior, not every bloody https site.
ufabet
I'd like to use secure scanning, but not if I have to add an exception in Avast for almost every site I go to one by one.

Offline ondrej.kolacek

  • Avast team
  • Sr. Member
  • *
  • Posts: 208
Re: I've got problem with SEC_ERROR_UNKNOWN_ISSUER
« Reply #1 on: December 21, 2017, 11:50:19 AM »
Hello,
our certificate is missing in firefox's certificate list. Please run the following command:
"/Library/Application Support/Avast/hub/usermodules/020_cert.sh" start
This should kill your firefox if running. After running it again, all should be fine.
Kind regards,
Ondrej Kolacek

Offline danm65

  • Newbie
  • *
  • Posts: 2
Re: I've got problem with SEC_ERROR_UNKNOWN_ISSUER
« Reply #2 on: January 27, 2018, 12:42:18 PM »
I have come across the same issue with Firefox after installing Avast Mac Security.

I have tried what Ondrej has suggested but unfortunately that didn't work.

(The issue doesn't affect Safari on the same machine.)

Thank you in advance for any replies


Offline richie2154

  • Newbie
  • *
  • Posts: 2
Re: I've got problem with SEC_ERROR_UNKNOWN_ISSUER
« Reply #3 on: January 28, 2018, 02:10:40 PM »
What you can do is to add "Avast trusted CA" to Firefox's certificate manager.

Firstly, you need to obtain a copy of the certificate.
This can be found with Keychain Access with Keychain "login" and category "Certificates". Search for "avast". You should find "Avast trusted CA". Select it and export it from the menu bar under "File" then "Export Items...". Save it somewhere accessible.

Next, the certificate needs to be added to Firefox's certificate manager.
Open Firefox's Preferences > Privacy & Security tab. Scroll down to Security > Certificates. Open "View Certificates...". Click on "Authorities" then "Import...". Import "Avast trusted CA" and trust it to "identify websites". You can select "identify mail users" if you want.

Offline danm65

  • Newbie
  • *
  • Posts: 2
Re: I've got problem with SEC_ERROR_UNKNOWN_ISSUER
« Reply #4 on: January 30, 2018, 11:33:14 PM »
What you can do is to add "Avast trusted CA" to Firefox's certificate manager.

Firstly, you need to obtain a copy of the certificate.
This can be found with Keychain Access with Keychain "login" and category "Certificates". Search for "avast". You should find "Avast trusted CA". Select it and export it from the menu bar under "File" then "Export Items...". Save it somewhere accessible.

Next, the certificate needs to be added to Firefox's certificate manager.
Open Firefox's Preferences > Privacy & Security tab. Scroll down to Security > Certificates. Open "View Certificates...". Click on "Authorities" then "Import...". Import "Avast trusted CA" and trust it to "identify websites". You can select "identify mail users" if you want.

That has solved the issue for me, thank you!

Offline ondrej.kolacek

  • Avast team
  • Sr. Member
  • *
  • Posts: 208
Re: I've got problem with SEC_ERROR_UNKNOWN_ISSUER
« Reply #5 on: February 05, 2018, 03:29:58 PM »
The latest released Firefox has changed format in which certificates are stored. Thus Avast's scripts which are supposed to inject our certificate to Firefox do not temporarily work. Please use the workaround posted by Richie 2154 for now; we will fix this in the next version.