搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Why is FireFox not trusting my wildcard root CA when a site is HSTS enabled?

  • 3 个回答
  • 2 人有此问题
  • 8 次查看
  • 最后回复者为 cor-el

more options

The other two major browsers, Google Chrome and Internet Explorer both exempt sites covered by a trust locally installed wildcard root CA's from HSTS checks, however Firefox throws a certificate warning.

There are legitimate reasons to install a wildcard root CA onto users devices, such as for performing HTTPS inspection within a corporate or education environment, however FF no longer allows this.

I can understand the developers are trying to protect against MITM attacks, but this has to be an oversight or bug?

The other two major browsers, Google Chrome and Internet Explorer both exempt sites covered by a trust locally installed wildcard root CA's from HSTS checks, however Firefox throws a certificate warning. There are legitimate reasons to install a wildcard root CA onto users devices, such as for performing HTTPS inspection within a corporate or education environment, however FF no longer allows this. I can understand the developers are trying to protect against MITM attacks, but this has to be an oversight or bug?

所有回复 (3)

more options

what error message/error code are you getting?

more options

Firefox uses it's own certificate store, not the system one tht chrome and IE use. Have you tried installing the certificate in Firefox's certificate store?

more options