This thread was archived. Please ask a new question if you need help.
Confirm security exceptions is not working after update to 3.6.
After update to 3.6 none of the certificates are being authorized for https: dod sites. When I try to trust the certificates by using an exception nothing happens.
URL of affected sites
All Replies (6)
I went through the process of installing the cert but they do not show up in the certificate list. The pop up for trusting the CA comes up then they do not appear in the list.
You need to look at "U.S. Government" in the certificate list for the DoD certificates.
There is not even a U.S. Government category on my list of certificates. Safari is working fine for the same sites but is not supported on others. So between the two I was able to finish what I was working on. Would be nice if Firefox would work properly.
Did you import the DOD root certificates?
Firefox > Preferences > Advanced : Encryption: Certificates
Here are the instructions on how to load the DoD certificates/authorities to Firefox:
- To import DoD Root CA certificates:
+Using Firefox, navigate to http://dodpki.c3pki.chamb.disa.mil/rootca.html +Click on the first link labeled "Download Class 3 Root CA Certificate" +and click on the "View Button". -Ensure that the SHA1 Fingerprint shown at the bottom matches the below: 10:F1:93:F3:40:AC:91:D6:DE:5F:1E:DC:00:62:47:C4:F2:5D:96:71 -!!! If it does not match, do not install the certificate !!! -If it does match, click on the "Close" button, check the first two check boxes and click "OK" - you may receive some errors for certificates that have expired, just click "OK" to continue.
+Follow the same procedures to download and install the DoD Root CA 2 +and External Certification Authority (ECA) Root CA certificates by clicking on the appropriate links and verifying the certificates by confirming the SHA1 Fingerprint matches the below:
-DoD Root CA 2 Fingerprint: 8C:94:1B:34:EA:1E:A6:ED:9A:E2:BC:54:CF:68:72:52:B4:C9:B5:61 -ECA Root CA Fingerprint: 3A:32:EF:7B:9A:B8:36:F8:37:18:1A:4C:EF:A3:55:C6:46:67:AC:BF
Once loaded they will show-up under U.S. Government, for some reason Firefox does not read these certificates/authorities from KeyChain Access same as Safari.