SEC_ERROR_UNKNOWN_ISSUER received for Search engines
Hi, I am working on Linux Kali. While trying to open any search engines (besides bing) on Firefox (iceweasel) I am getting insecure connection as shown on the screenshot below. While trying to access most of the other sites I am able to do so. Please advise.
Izabrano rješenje
So there are two certificates there:
(1) The google.ba certificate says it was issued by "api-SARAJEVO-CA" which does not sound like a typical issuer of a Google cert.
(Used these sites for decoding: https://certlogik.com/decoder/, https://www.sslchecker.com/certdecoder)
(2) The api-SARAJEVO-CA certificate also was issued by api-SARAJEVO-CA which apparently is unknown to Firefox.
I couldn't find any information online so I don't know who is using that certificate to try to fake out your browsers, or why they are intercepting your Google searches.
Pročitajte ovaj odgovor sa objašnjenjem 👍 1All Replies (5)
The owner of www.hacking-lab.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
Hi ammer123, if you click the blue text of the error code, the page should open a panel displaying the details of the certificate. They look like gibberish, but they can be decoded to reveal the "issued by" information on a site like https://www.sslshopper.com/certificate-decoder.html and that often points to a "man in the middle" such as security software, parental control filter, proxy server, or malware. Could you copy/paste that certificate information into a reply?
Here it is for Google.com. I am able to access most of the websites but search engines or any search,no.
https://www.google.ba/?gws_rd=cr,ssl&ei=dJA2WJSbN4mnsAGjsqDYDw Peer's Certificate issuer is not recognized. HTTP Strict Transport Security: false HTTP Public Key Pinning: true Certificate chain: -----BEGIN CERTIFICATE----- MIIDnjCCAoagAwIBAgIIajm9kLBObZQwDQYJKoZIhvcNAQELBQAwRjEVMBMGCgmS JomT8ixkARkWBWxvY2FsMRMwEQYKCZImiZPyLGQBGRYDYXBpMRgwFgYDVQQDEw9h cGktU0FSQUpFVk8tQ0EwHhcNMTYxMTEwMTUzMDAwWhcNMTcwMjAyMTUzMDAwWjBl MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91 bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEUMBIGA1UEAwwLKi5nb29n bGUuYmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjeO7cSy/HMBeT +e9+LtuHgJGZ0eL2PYKJQIZnfixD5hW1xQfBbu3HoXrn75mehrvjGg8OtdtZMiA+ QK2oiiIcp9rCdLSB+ubD6rLExPxczs8z1dnvr60xFrg4AKmOoULRt75vqt3QVyF6 ui7bu2gRzj34YZeInhV242zTNTn88CSaX0lKY0nCPFNvYUUn3kZTLVyZzrdQIRIM 56ZdlzR5DVH0iNAd1ivJaekG+AfAXk3GdPB1dbJ7466CDWxCt9QwJOxkrrq2O5ew nqTwT1JpoWu/zuR5xxxD/AB/s8gl5cUoDQmyUXwsqZ3befza3P6XOChEGrS0YVhV aKlB1RdTAgMBAAGjcTBvMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAh BgNVHREEGjAYggsqLmdvb2dsZS5iYYIJZ29vZ2xlLmJhMB0GA1UdDgQWBBQw5HT4 uQjt/spGCMGRA7lV0n5fqjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IB AQCLj1Ctld9LYeDghOAikUlDxmuZWPoTkNoM3YictUd7UvTlPjGdF8l2aEcfr4+N M8S1Cdr9Oqa3L6vQGeo9PT4feThevdvQn/kyFQl8MgAXEP3lxquzpD19VHDLeCRA 2/YZLHmzFWizBdoD9TgAlR2zd8vjaobI64fAFFzB1JkthLgaDZqw9jVgVxAKOg0Q pGTP+pDMKZZTav8bLwJ6HsuaztuB9UizPYW/XOHMLnauIhJ7DtaAO4yqtJpCTFUG B23gXH0XnAcqL7I/tby0Gu9S4Q+wB7ywhdYa4plSU16ShmwFhtCiYVJTbevH5cYD QL4LsQ95Ch7EOvXTU8x6O3RI -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIDZzCCAk+gAwIBAgIQcXv/1njaeLRILMmGrunFejANBgkqhkiG9w0BAQUFADBG MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxEzARBgoJkiaJk/IsZAEZFgNhcGkxGDAW BgNVBAMTD2FwaS1TQVJBSkVWTy1DQTAeFw0xMjExMDUyMzMyMDFaFw0xNzExMDUy MzQyMDBaMEYxFTATBgoJkiaJk/IsZAEZFgVsb2NhbDETMBEGCgmSJomT8ixkARkW A2FwaTEYMBYGA1UEAxMPYXBpLVNBUkFKRVZPLUNBMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAwSzi4Z3e2B/b1DhC78g0a8spoxJyqn8PaUlhmqiJ/1gm W9DKlwoS61k12XudvkKghmTHqKCL7jRT+hVlqlDijtV7zhYfbA4A1ScwYd0UpmLY xLpgCYJ8d/Wmin1qmlF7sHPsqemrLQKxNVPsIOb76DukRY755ry5Qn2sVRURKVL1 WOu9mA2I8Jd3gnorejWpxau9XxkxNStUewLMHWIwqRZfO7dsgxDPSZFpUUsK6Nx5 PHJ3BFABY3JYeBZZLmGSiM6QECB+FqK+BX0phwErXaOShS6mlosXF9NgiPh8rJ0u iVHH+QnK2Fd5IXfc2sVUgh2tQiEVRfZmHZeLz9lUhQIDAQABo1EwTzALBgNVHQ8E BAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJvIorAIyR1o46udtVbmI JBJFepcwEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEGAMxwH Nf8DoHlMVrIWTlZkt1+M3QrLuGC5ckj9fM506UFzTVfKAJh508rcAQlN/HeIXCDH YmADtnQloQY5eYe3ix+bSRT8EpTh+Xb559iGv96EwVXTyAAtZorXT2iOZfHGVwEL RYaiSxS9XbvAt2QSCMoILW8p+hgtSgXOUg0SmR4Mj6vk2qTU4/+usAFqx6YvF9tQ WbK6hOFy7rNovz8t9fqwB9PuyHxngCMBZ2leQKkvU9uYLYBRcVoW+pguw8KnM3oc Xb3JyGfpszyZTj5lp53VP9To37PR/W9dESI2LRs91xt9Suybc6d00EhK484Fpa57 xXIjpACRzM+PuJ8= -----END CERTIFICATE-----
Odabrano rješenje
So there are two certificates there:
(1) The google.ba certificate says it was issued by "api-SARAJEVO-CA" which does not sound like a typical issuer of a Google cert.
(Used these sites for decoding: https://certlogik.com/decoder/, https://www.sslchecker.com/certdecoder)
(2) The api-SARAJEVO-CA certificate also was issued by api-SARAJEVO-CA which apparently is unknown to Firefox.
I couldn't find any information online so I don't know who is using that certificate to try to fake out your browsers, or why they are intercepting your Google searches.
I was able to resolve this issue. One of the certificates were not correct from Company. When importing it issue is resolved. Thank you!!!