Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

firefox does not honor custom CA certificate

  • 1 baphendule
  • 7 zinale nkinga
  • 2 views
  • Igcine ukuphendulwa ngu guigs

more options

Hi

I have a server intercepting traffic for all devices in my home network. It does HTTPS inspection. For this i generated a certificate. I Installed this certificate on all of my own devices (including firefox mobile). Recently i received a new phone, and installed firefox on it, now even after installing the certificate in firefox, it will NOT browse to websites (sec_error_untrusted_issuer)... yet obviously i trust my own hardware/software. I repeat, installing the certificate does not allow me to browse like before....

Hi I have a server intercepting traffic for all devices in my home network. It does HTTPS inspection. For this i generated a certificate. I Installed this certificate on all of my own devices (including firefox mobile). Recently i received a new phone, and installed firefox on it, now even after installing the certificate in firefox, it will NOT browse to websites (sec_error_untrusted_issuer)... yet obviously i trust my own hardware/software. I repeat, installing the certificate does not allow me to browse like before....

All Replies (1)

more options

Hi menne386, Thank you for your question, and this sounds pretty impressive for a home network :-)

This error is sometimes caused by an SSL mismatch and for self signed certificates: You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

Can also try the built in tool to force it< see https://developer.mozilla.org/en-US/d.../NSS_tools_:_certutil