This is an old revision of the document!
Viewing Site Certificate Information
When encountering security certificate errors in Zotero, viewing the certificate information for zotero.org or another affected domain in your web browser may provide more details on what is causing the problem on your system. If you share this information in the Zotero Forums, we may be able to help identify what is interfering (or it may be self-explanatory, based on, for example, the name of your institution or security software on your system).
- Load any zotero.org web page (such as this one) or, if you're getting an error about another domain, an HTTPS URL for that domain. (If you're getting a certificate error for s3.amazonaws.com, use this URL.)
- View the certificate information. The process to do this varies by browser:
- In Firefox, click the padlock icon, click the right-arrow next to the domain name, and look at the “Verified by:” line. For full information, click More Information → Security → View Certificate and look at the details under Issued To, Issued By, and Period of Validity.
- In Chrome (Windows), click on the three-bars icon at the top right, go to More Tools –> Developer Tools, click the Security Tab, click on “View Certificate”, and look at the “Issued by” line. For full information, click the Details tab, click on Issuer, and look at the values for “CN” (Common Name) and “O” (Organization) below.
- In Chrome (Mac), click on the three-bars icon at the top right, go to More Tools –> Developer Tools, click the Security Tab, click on “View Certificate”, and look at the “Issued by” line. For full information, click Details and look at the various Organization and Common Name fields.
- In Safari, click the padlock icon → Show Certificate and look at Expires, Common Name under Subject Name, and Organization and Common Name under Issuer Name.
Secure connections to zotero.org will show that the site is verified by “GeoTrust Inc.”, “RapidSSL”, or “Amazon”. If you see something else, something is intercepting your secure connections. (Something intercepting your connection could also self-identify as one of the expected entities, though this is rare.)