Connection is not secure error, when using a local trusted Root CA in the domain.
We are using a local root CA in a domain and the certificate is example.local. When accessing this website we're still having the Connection is not secure error. Strangely enough this is not happening on other browsers.
We also tried to manually import the Root CA certificate in the FF certificate manager.
Additional System Details
- User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36
Hi mvassallo, what is the error code? You might need to click the "Advanced" or "More information" button (the one to the right of the Go Back button in the page) to access that.
As you may recall, the Certificate Manager dialog on the Options page has several tabs. Make sure you import into the Authorities tab.
Hi Thanks for your reply. Yes we did import the root CA in the Authorities tab. Could this be because the certificate domain is published for .local? Chrome recognizes this cert and does not prompt for any security warning. We want to implement this acception for firefox via GPO if there is no fix for it.
What error code are you getting?
Also, we probably should move your question to the "Firefox for Enterprise" forum where you could hopefully attract a response from someone more familiar with Firefox's Group Policy features.
Quote: we probably should move your question to the "Firefox for Enterprise" forum
I was thinking the same when I noticed this question and will move it over to "Firefox for Enterprise".
Do you see the certificate added to the certificate chain when this certificate is imported in the Certificate Manager?
Any luck with importing root certificates from the Windows certificate storage?
You can set this pref to true on the about:config page to import root certificate(s) from the Windows certificate store (there is a policy available, so this is merely a quick test).
- security.enterprise_roots.enabled = true
Thanks all for your help! :)
Unfortunately these still did not solve the issue. Is there a way how to force Firefox to trust the local cert stores?