WCC HTTPS URL Blocked By Firefox

Document ID : KB000008780
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

The WCC HTTPS URL is blocked by Firefox saying "Your connection is not secure". After clicking "Advanced", the details show a problem with the site certificate and an error code "SEC_ERR_UNKNOWN_ISSUER"...

 

Firefox_Certificate_Error.JPG

Cause:

This error occurs when the rootCA and/or intermediate certificates are not stored in the Firefox certificate store. In many cases, these certificates are already pushed out to the Windows certificate store on user's workstations via group policy or other methods. While this works good for IE and Chrome which both use the Windows certificate store, it can be problematic for Firefox users. By default, Firefox is configured to use its own certificate store. However, the configuration can be changed so that it trusts certificates in the Windows certificate store.

Resolution:

To change the Firefox configuration so that is will trust certificates from the Windows certificate store, follow the steps below.

1. Open Firefox and enter "about:config" as the URL. Click "Accept the risk!" if prompted. This will bring you to a list of configuration parameters.

Firefox_Certificate_Error2.JPG

2. In the parameter search field, enter "security.enterprise_roots.enabled". This will narrow the list down to the parameter you need to change. Double-click the parameter so that the value changes to "true".

Firefox_Certificate_Error3.JPG

3. Close Firefox and re-launch it.

If you still receive the same error from Firefox after completing the steps above, it means that the rootCA and/or intermediate certificates are also not stored in the Windows certificate store. You will need to contact your security administrator for further assistance.