Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

Problem importing a root certificate authority from IE environment

  • 1 resposta
  • 35 têm este problema
  • 3 visualizações
  • Última resposta de trs1980

more options

I created a self-signed trusted root authority certificate using Microsoft's makecert utility - this is for a test environment... I imported it into the IE environment using Microsoft's MMC utility and it works fine. Using IE I can browse to our test server using https with no problem.

When I export that certificate out of the IE environment (using MMC) in a base64 format (DER also) and try to import it into Firefox I get an error, "This is not a certificate authority certificate, so it can't be imported into the certificate authority list." How can I get firefox to trust a test CA certificate?

I created a self-signed trusted root authority certificate using Microsoft's makecert utility - this is for a test environment... I imported it into the IE environment using Microsoft's MMC utility and it works fine. Using IE I can browse to our test server using https with no problem. When I export that certificate out of the IE environment (using MMC) in a base64 format (DER also) and try to import it into Firefox I get an error, "This is not a certificate authority certificate, so it can't be imported into the certificate authority list." How can I get firefox to trust a test CA certificate?

Todas as respostas (1)

more options

One potential cause of this problem - Firefox will not import self-signed root CA certificates that are missing the value "Subject Type=CA" in the Basic Constraints field (visible on the Details tab when you view the certificate in Windows.) Contact the person who supplied you with the test self-signed root authority certificate and tell them that they need to add that constraint to either the certificate request or the command line when making the self-signed root CA certificate. The switch on makecert is -cy authority. I found the following helpful: http://stackoverflow.com/questions/496658/using-makecert-for-development-ssl