Edit: Link no longer works.
Originally posted November 7, 2014 on AIXchange
I have pretty good luck when using Mozilla with my HMCs. However, when I recently upgraded Mozilla, I encountered an issue:
An error occurred during a connection to hmc1. Issuer certificate is invalid. (Error code: sec_error_ca_cert_invalid)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this
I found a solution in this technote. Although it’s referring to Domino servers, the concept is still the same.
After updating Firefox to version 31 (or later), when Firefox browser users attempt to access a MD5-based SSL certificate, generated by a Domino Web server, the connection attempt will fail with the following error: Secure Connection Failed. An error occurred during a connection to <server name>. Issuer certificate is invalid. (Error code: sec_error_ca_cert_invalid)
Firefox 31 introduces a new security library named security.use_mozillapkix_verification for strict enforcement for SSL certificate verification (see this MozillaWiki article for details).
After updating Firefox to version 31 (or later), when Firefox browser users attempt to access a MD5-based SSL certificate, generated by a Domino Web server, the connection attempt will fail with the error shown below. This includes Domino self-signed testing certificates generated from the Server Certificate Admin database or server SSL certificates generated from the Domino Certificate Authority.
You can perform the following steps on local Firefox browsers to restore the older SSL libraries for Firefox, which will allow HTTPS connections to your server.
Step 1. Type about: config in the Firefox address bar to access Advanced settings. Read the warning presented, and then click the “I’ll be careful, I promise” prompt to accept and proceed.
Step 2. Scroll down to security.use_mozillapkix_verification and double-click to toggle its value from true to false (or, right-click on it and select Toggle).
Once I did this, I was able to connect to my HMC as usual. Hopefully this tip will help should you run into this same issue in the future.