Firefox security error code

ladlelord · November 12, 2019, 4:41am

I’ve been having TLS cert issues with Firefox ever since upgrading from Fedora 30 to 31. I thought I fixed the issue by running update-ca-trust, but after I updated my system, I still get issues for common websites that should be trusted (e.g. duckduckgo.com, mozilla.org).

The particular certificate authority that’s causing problems is DigiCert Global Root CA.

I get the following error:

Software is Preventing Firefox From Safely Connecting to This Site

www.mozilla.org is most likely a safe site, but a secure connection could not be established. This issue is caused by DigiCert Global Root CA, which is either software on your computer or your network.

I don’t have this problem with Chrome.

How can I troubleshoot or fix what’s going on?

alciregi · November 12, 2019, 5:08am

It seems a problem happening on other distros as well (then related to Firefox)
https://github.com/clearlinux/distribution/issues/1006

https://bbs.archlinux.org/viewtopic.php?id=247067&p=2

https://forum.manjaro.org/t/digicert-invalid-certificate-in-firefox-after-system-upgrade-potential-rogue-certificate/109242/9

There is also an issue opened on bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1752303

vgaetera · November 12, 2019, 4:54pm

This command is relevant for system CA trusts, but Firefox had its own CA trusts separate from the system last time I used it.