Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

I am trying to import Root CA certificate from the Windows store. I am able to do so however it is not checking "trust this for website identity"

  • 2 отговора
  • 1 има този проблем
  • 25 изгледи
  • Последен отговор от Zaffscool

more options

Hello Members!,

We are currently using a proxy in our network which intercepts the https traffic. The self signed proxy certificates are pushed to the Windows cert store. A user is able to access the websites on IE/Chrome with out a problem however it is not working on Firefox. Upon further investigation, We came to know that Firefox maintains its own store and does not pick up certs from Windows store by default. We ran a Javascript code to allow the certs to be picked up however there is one more option that is not getting checked called " This certificate can identify Websites". With out this option checked, the browser shows that the issuer of the certificate is unknown. We want to fix this at a large scale and can not do it individually. We want to use GPO to somehow fix this if possible. Kindly share your inputs

Hello Members!, We are currently using a proxy in our network which intercepts the https traffic. The self signed proxy certificates are pushed to the Windows cert store. A user is able to access the websites on IE/Chrome with out a problem however it is not working on Firefox. Upon further investigation, We came to know that Firefox maintains its own store and does not pick up certs from Windows store by default. We ran a Javascript code to allow the certs to be picked up however there is one more option that is not getting checked called " This certificate can identify Websites". With out this option checked, the browser shows that the issuer of the certificate is unknown. We want to fix this at a large scale and can not do it individually. We want to use GPO to somehow fix this if possible. Kindly share your inputs

Всички отговори (2)

more options

So did you follow some online help to install this? I did simple search and found some instructions how-to.

https://portal.threatpulse.com/docs/sol/Solutions/ManagePolicy/SSL/ssl_firefox_cert_ta.htm

more options

I understand that this can be done manually however we have 100's of users and hence it will not be possible for us to tackle this issue at an individual level. I wanted to know if this can be fixed by using some code or GPO. I am sure many companies are doing https interception on proxies and they would run across this issue. Any help would be appreciated as I am unable to proceed further.