搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

I am trying to import Root CA certificate from the Windows store. I am able to do so however it is not checking "trust this for website identity"

  • 2 个回答
  • 1 人有此问题
  • 3 次查看
  • 最后回复者为 Zaffscool

more options

Hello Members!,

We are currently using a proxy in our network which intercepts the https traffic. The self signed proxy certificates are pushed to the Windows cert store. A user is able to access the websites on IE/Chrome with out a problem however it is not working on Firefox. Upon further investigation, We came to know that Firefox maintains its own store and does not pick up certs from Windows store by default. We ran a Javascript code to allow the certs to be picked up however there is one more option that is not getting checked called " This certificate can identify Websites". With out this option checked, the browser shows that the issuer of the certificate is unknown. We want to fix this at a large scale and can not do it individually. We want to use GPO to somehow fix this if possible. Kindly share your inputs

Hello Members!, We are currently using a proxy in our network which intercepts the https traffic. The self signed proxy certificates are pushed to the Windows cert store. A user is able to access the websites on IE/Chrome with out a problem however it is not working on Firefox. Upon further investigation, We came to know that Firefox maintains its own store and does not pick up certs from Windows store by default. We ran a Javascript code to allow the certs to be picked up however there is one more option that is not getting checked called " This certificate can identify Websites". With out this option checked, the browser shows that the issuer of the certificate is unknown. We want to fix this at a large scale and can not do it individually. We want to use GPO to somehow fix this if possible. Kindly share your inputs

所有回复 (2)

more options

So did you follow some online help to install this? I did simple search and found some instructions how-to.

https://portal.threatpulse.com/docs/sol/Solutions/ManagePolicy/SSL/ssl_firefox_cert_ta.htm

more options

I understand that this can be done manually however we have 100's of users and hence it will not be possible for us to tackle this issue at an individual level. I wanted to know if this can be fixed by using some code or GPO. I am sure many companies are doing https interception on proxies and they would run across this issue. Any help would be appreciated as I am unable to proceed further.