搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Firefox 28 does not read SSL certificate hierarchy

more options

I have set up an offline standalone CA and an intermediate enterprise CA. I've secured my server's default website to use https. I am able to connect to the website via Internet Explorer, but Firefox (28) gives me an untrusted connection error. When I view the certificate, I see that Firefox has not identified the hierarchy back to the root CA. In IE the hierarchy is good. Can someone tell me why this is happening and how I might fix it? Please note, I am working on a network with no connectivity to the internet, so I am unable to use online tools to check whether the server is sending all the correct certificates. I would assume that since IE can see them they are being sent.

Thanks in advance

I have set up an offline standalone CA and an intermediate enterprise CA. I've secured my server's default website to use https. I am able to connect to the website via Internet Explorer, but Firefox (28) gives me an untrusted connection error. When I view the certificate, I see that Firefox has not identified the hierarchy back to the root CA. In IE the hierarchy is good. Can someone tell me why this is happening and how I might fix it? Please note, I am working on a network with no connectivity to the internet, so I am unable to use online tools to check whether the server is sending all the correct certificates. I would assume that since IE can see them they are being sent. Thanks in advance

所有回复 (1)

more options

Is the problem that Firefox doesn't receive the intermediate certificate, or that Firefox doesn't recognize the authority of the root certificate that you've set up yourself?

That might not be clear from the "Technical Details" section of the error page, that is, they both might just say the certificate cannot be authenticated up to a trusted root.

However, if you can see all the certificates listed on the Details tab of the certificate viewer dialog (e.g., when using Add Exception > View), then it's probably the second issue and you might need to add your "root" certificate as a trusted authority in every Firefox using this site.