Was there a recent change that invalidates private certificates, with it's private CA imported into my FF CA repository?
What I have set up, which worked not too long ago… (Lesen Sie mehr)
Was there a recent change that invalidates private certificates, with it's private CA imported into my FF CA repository?
What I have set up, which worked not too long ago, which was defining the IP address and host name in C:\Windows\System32\drivers\etc\hosts file. Then importing the remote site's private CA certificate in FF. From that point on, it trusted my private URLs due to matching private CA. Now, generates SEC_ERROR_BAD_SIGNATURE.
I renamed the cert8.db file and restarted FF. I now get the normal "untrusted" error then re-imported the private CA to make the "untrusted" error go away. However, that still gave me SEC_ERROR_BAD_SIGNATURE. So, something must've changed.
I even tried disabling OCSP checking (thought it was optional if it couldn't check). I then disabled OCSP Stapling. Neither resolved this issue, thinking it was trying to check with the OCSP server, which it can't reach due to firewall since it's internal to the other private LAN.
I'm not sure where to look. I tried Googling for answers, which lead me to the above two solutions to try.
The CA I have is a private CA, generated by Microsoft Windows Server 2008 R2 with the Active Directory Certificate Authority installation. Like I said, it was working in FF fairly recently. Let me know what else you need for me to provide.
Regards,
John Babbitt
Systems Administrator
Cutler Investment Group, LLC