CERT_AUTHORITY_INVALID

The server responded with a certificate that is signed by an authority we don't trust. This could mean:

1. An attacker has substituted the real certificate for a cert that contains his public key and is signed by his cousin.
2. The server operator has a legitimate certificate from a CA we don't know about, but should trust.
3. The server is presenting a self-signed certificate, providing no defense against active attackers (but foiling passive attackers).