Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

What is the process for getting a certificate chain trusted

  • 3 replies
  • 2 have this problem
  • 74 views
  • Last reply by jpurtteman

jpurtteman
jpurtteman
more options

I would like to use WIFI 2.0 certificates issued by Digicert (a company whose other certificates you trust) but the chain they have used for the new product line is apparently not present in Firefox. So, sites that I key with it work fine from browsers that use the system's certificate store (chrome, internet explorer etc) but Firefox generates an error. The chain appears to be trusted by other vendors (Windows 10) so I am curious what it would take to get it added to Firefox. Until Firefox does this, one of the best (in fact, only) avenues for supporting Hotspot 2.0 WiFi networks is unavailable. Please advise!

I would like to use WIFI 2.0 certificates issued by Digicert (a company whose other certificates you trust) but the chain they have used for the new product line is apparently not present in Firefox. So, sites that I key with it work fine from browsers that use the system's certificate store (chrome, internet explorer etc) but Firefox generates an error. The chain appears to be trusted by other vendors (Windows 10) so I am curious what it would take to get it added to Firefox. Until Firefox does this, one of the best (in fact, only) avenues for supporting Hotspot 2.0 WiFi networks is unavailable. Please advise!

All Replies (3)

WestEnd
WestEnd
more options

Did you search here as well? I did and found this: It does help to also do a search as someone probably posted something about it.

https://support.mozilla.org/en-US/questions/1059377

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

To be able to build a certificate chain there needs to be a trusted root certificate installed in Firefox and all intermediate certificates need to be send by the server.

You can set this pref to true on the about:config page to import root certificates from the Windows certificate store.

  • security.enterprise_roots.enabled = true

You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.

jpurtteman
jpurtteman Question owner
more options

That is interesting. I appear to be facing a different problem than I had originally thought! Per cor-el's advice, i changed the security.enterprise_roots.enabled to true, and that did not have any effect. The thing I do notice is that while Chrome reports a certificate path in a tree from Hotspot 2.0 Trust Root CA - 03 -> DigiCert Hotspot 2.0 Intermediate CA -> my-domain.com on firefox I seem to only get the my-domain.com portion with no intermediate certificate. So, looks like maybe I am facing a different issue than I had originally thought. I'll continue digging here, looks like for some reason Firefox is not receiving the higher level certificate chain, or is not accepting them anyway. Thank you for the idea, and other thoughts are appreciated, I'll be searching here and will post if I figure it out.