How to fix error code: sec_error_unknown_issuer?

Alton Alexander
By Alton AlexanderUpdated on June 4th, 2022

This error code indicates that the issuer of the security certificate cannot be determined. This can happen for a variety of reasons, including the server's certificate chain being incomplete or the server's identity having been mis-configured. In either case, it means that the browser cannot trust the server and will not establish a secure connection.

You are here because you have a question about:

  • (error code: sec_error_unknown_issuer)
  • firefox error code: sec_error_unknown_issuer
  • security error code
  • error code: sec_error_unknown_issuer

1. Obtain a new certificate from a trusted issuer

  1. Go to the website of the trusted certificate issuer and sign in.
  2. On the left-hand side of the screen, select “Certificates”.
  3. On the right-hand side of the screen, select “View My Certificates”.
  4. Select the certificate you want to obtain a new certificate for.
  5. On the “Details” tab, click on the “Request a Certificate” button.
  6. On the “Request a Certificate” page, you will need to provide the following information:
  • Your name
  • Email address
  • Country
  • Phone number
  • Certificate type
  • Subject
  • Issuer
  • Common Name
  • Date of Birth
  1. Click on the “Submit” button.
  2. A confirmation email will be sent to the email address you provided.
  3. Click on the link in the email to go to the “My Certificate” page.
  4. Click on the “Download Your Certificate” button.
  5. Save the certificate file to a location on your computer.

2. Import the issuer's certificate into your browser's certificate store

  1. In your browser, open the "Tools" menu and select "Internet Options".
  2. Click the "Security" tab and then click the "Certificates" button.
  3. Locate the "My Certificates" folder and click the "Import" button.
  4. On the "Import Certificate" dialog box, locate the issuer's certificate file and click the "Open" button.
  5. On the "Import Certificate" dialog box, accept the certificate's security requirements and click the "OK" button.
  6. On the "Certificate Import Results" dialog box, click the "Close" button.

3. Set the security.OCSP.require setting to false in about:config

  1. Open about:config in your browser.
  2. Search for security.OCSP.require and set it to false.
  3. Restart your browser.

4. Disable OCSP validation in your browser

In most browsers, you can disable OCSP validation by going to the "Security" settings and turning off the "Validate OCSP responses" option.