Why is FireFox not trusting my wildcard root CA when a site is HSTS enabled?
The other two major browsers, Google Chrome and Internet Explorer both exempt sites covered by a trust locally installed wildcard root CA's from HSTS checks, however Firefox throws a certificate warning.
There are legitimate reasons to install a wildcard root CA onto users devices, such as for performing HTTPS inspection within a corporate or education environment, however FF no longer allows this.
I can understand the developers are trying to protect against MITM attacks, but this has to be an oversight or bug?
All Replies (3)
what error message/error code are you getting?
Firefox uses it's own certificate store, not the system one tht chrome and IE use. Have you tried installing the certificate in Firefox's certificate store?