Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

Firefox 28 does not read SSL certificate hierarchy

more options

I have set up an offline standalone CA and an intermediate enterprise CA. I've secured my server's default website to use https. I am able to connect to the website via Internet Explorer, but Firefox (28) gives me an untrusted connection error. When I view the certificate, I see that Firefox has not identified the hierarchy back to the root CA. In IE the hierarchy is good. Can someone tell me why this is happening and how I might fix it? Please note, I am working on a network with no connectivity to the internet, so I am unable to use online tools to check whether the server is sending all the correct certificates. I would assume that since IE can see them they are being sent.

Thanks in advance

I have set up an offline standalone CA and an intermediate enterprise CA. I've secured my server's default website to use https. I am able to connect to the website via Internet Explorer, but Firefox (28) gives me an untrusted connection error. When I view the certificate, I see that Firefox has not identified the hierarchy back to the root CA. In IE the hierarchy is good. Can someone tell me why this is happening and how I might fix it? Please note, I am working on a network with no connectivity to the internet, so I am unable to use online tools to check whether the server is sending all the correct certificates. I would assume that since IE can see them they are being sent. Thanks in advance

All Replies (1)

more options

Is the problem that Firefox doesn't receive the intermediate certificate, or that Firefox doesn't recognize the authority of the root certificate that you've set up yourself?

That might not be clear from the "Technical Details" section of the error page, that is, they both might just say the certificate cannot be authenticated up to a trusted root.

However, if you can see all the certificates listed on the Details tab of the certificate viewer dialog (e.g., when using Add Exception > View), then it's probably the second issue and you might need to add your "root" certificate as a trusted authority in every Firefox using this site.