X
Tap here to go to the mobile version of the site.

منتدى الدعم

this connection is untrusted

Posted

dear sir,

i have watch guard firebox for controlling websites accessing and i have configured deep inspection for HTTPS site. for access these sites i have provide self signed CA certificate to internet users. and also i have imported the certificate in trusted root authority of Firefox on the system of internet users.

but when they open HTTPS sites Firefox not use self signed CA certificate and shows these errors (This Connection is Untrusted ).

please help?


regards rahul parmar

dear sir, i have watch guard firebox for controlling websites accessing and i have configured deep inspection for HTTPS site. for access these sites i have provide self signed CA certificate to internet users. and also i have imported the certificate in trusted root authority of Firefox on the system of internet users. but when they open HTTPS sites Firefox not use self signed CA certificate and shows these errors (This Connection is Untrusted ). please help? regards rahul parmar

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape
  • Google Update
  • Shockwave Flash 17.0 r0

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.3; rv:37.0) Gecko/20100101 Firefox/37.0

More Information

guigs 1072 solutions 11697 answers

Hi rahulparmar,

I understand that the warning "The Connection is Untrusted" is showing up. It is possible for the users to add an exception: "This Connection is Untrusted" error message appears - What to do

However since they are self signed, it is also possible to check to make sure that they follow the guidelines for:

For specific debugging errors we are happy to help or refer to the certificates@mozilla.org address.

Hi rahulparmar, I understand that the warning "The Connection is Untrusted" is showing up. It is possible for the users to add an exception: [["This Connection is Untrusted" error message appears - What to do]] However since they are self signed, it is also possible to check to make sure that they follow the guidelines for: *[https://blog.mozilla.org/security/2014/04/24/exciting-updates-to-certificate-verification-in-gecko/] *[https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/] For specific debugging errors we are happy to help or refer to the certificates@mozilla.org address.
cor-el
  • Top 10 Contributor
  • Moderator
17422 solutions 157414 answers

If it works with other browser then check the certificate chain and see if you can export a trusted root certificate. Then you can import this certificate in Firefox and set the appropriate trust bits when prompted.

  • Tools > Options > Advanced > Certificates: View Certificates
If it works with other browser then check the certificate chain and see if you can export a trusted root certificate. Then you can import this certificate in Firefox and set the appropriate trust bits when prompted. *Tools > Options > Advanced > Certificates: View Certificates

Question owner

dear sir,

i have already imported the certificate in trusted root authorities.

but Firefox is not using this certificate. please help?


regards Rahul

dear sir, i have already imported the certificate in trusted root authorities. but Firefox is not using this certificate. please help? regards Rahul
cor-el
  • Top 10 Contributor
  • Moderator
17422 solutions 157414 answers

Do you see the certificate under Authorities? Tools > Options > Advanced > Encryption: Certificates > View Certificates : Authorities

Did you set the trust bit(s) of that certificate to make Firefox trust the as a root certificate? Otherwise Firefox wont' trust the certificate.

You can also check the certificate chain by clicking the globe/padlock on the location/address bar to see if this certificate is included.

Do you see the certificate under Authorities? Tools > Options > Advanced > Encryption: Certificates > View Certificates : Authorities Did you set the trust bit(s) of that certificate to make Firefox trust the as a root certificate? Otherwise Firefox wont' trust the certificate. You can also check the certificate chain by clicking the globe/padlock on the location/address bar to see if this certificate is included.
guigs 1072 solutions 11697 answers

Does the CA certificate follow the guidelines? Disabling this policy in Firefox would cause serious security issues. If absolutely necessary see:https://support.mozilla.org/en-US/que.../1012765

Does the CA certificate follow the guidelines? Disabling this policy in Firefox would cause serious security issues. If absolutely necessary see:[https://support.mozilla.org/en-US/questions/1012765]
cor-el
  • Top 10 Contributor
  • Moderator
17422 solutions 157414 answers

Note that disabling libPKIX support via security.use_mozillapkix_verification = false only applies to Firefox 31 and 32, so that is no longer possible in current releases.

  • Bug 975229 - Remove NSS-based certificate verification
Note that disabling libPKIX support via security.use_mozillapkix_verification = false only applies to Firefox 31 and 32, so that is no longer possible in current releases. *Bug 975229 - Remove NSS-based certificate verification
guigs 1072 solutions 11697 answers

Corel thank you, please disregard my previous suggestion rahulparmar.

Corel thank you, please disregard my previous suggestion rahulparmar.