Sec_error_unknown_issuer

I have used cloudflare ssl certificates for years, and have set them up for several domains. The certificate shows domain.com and *.domain.com as it should correctly, the certificate and key were obtained from the origin tab in SSL/TLS from the cloudflare interface, and installed correctly.

The cache has been cleared on cloudflare and browser.


Someone could be trying to impersonate the site and you should not continue.

Websites prove their identity via certificates. Firefox does not trust green.domain.com because its certificate issuer is unknown, the certificate is self-signed, or the server is not sending the correct intermediate certificates.

Error code: SEC_ERROR_UNKNOWN_ISSUER

Whats the problem?

Ok this forums is broken so I cant edit the post which replied to the user who helped me, it pops of a “link not found” error.

So I will post the solution here. It was not set as proxied in the CF panel. Yesterday it failed regardless of proxied or not, but today firefox marks it safe when proxied.

Check the certificate you’re getting, is it a CF one?

You should also analyse the site with SSLLabs and check for the expected result.

If you aren’t seeing a Cloudflare cert then check your configuration on the origin. Possible you typo’d or something like that.

What is the domain name?

Have you tried using the tool:

Is your domain nameservers changed to Cloudflare ones at your domain registar?

Moreover, your DNS records at Cloudflare dashboard needs to be :orange:

Do you have Full SSL or any other option enabled under SSL tab at Cloudflare dashboard?

You mean on Cloudflare Origin CA certificate or?

Did the certificate expired?

Do you use any Anti-Virus software?
Maybe you have “old” and “cached” certificates at your Web browser or the anti-virus software is scanning them or blocking if so?

1 Like

Yes, as I had stated above it is showing the cloudflare certificate.

No, there is no typo, it is character perfect

I have full ssl enabled, identical to my other working sites

You mean on Cloudflare Origin CA certificate or?
Yes, I have done this proces many many times without problems

Did the certificate expired?
No, as stated above this was a fresh certificate generated yesterday, still the same problem

Do you use any Anti-Virus software?
No, of course not, and as I stated above it is identical to other working servers

Maybe you have “old” and “cached” certificates at your Web browser
No, as stated above the cache was cleared both on cloudflare and on the local browsers

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.