מוצגות שאלות עם התגיות:

Certificate problem accessing an internal company website

I am trying to reach an internal company website ([URL]), with a certificate chain rooted in a company certificate authority. This works fine in Chrome, and worked in Fir… (read more)

I am trying to reach an internal company website ([URL]), with a certificate chain rooted in a company certificate authority. This works fine in Chrome, and worked in Firefox on my previous computer. But i recently got a new machine, and something somewhere is not quite right. I get an error message looking like this (between the ~~~s):

~~~ Someone could be trying to impersonate the site and you should not continue.

Web sites prove their identity via certificates. Firefox does not trust [URL] because its certificate issuer is unknown, the certificate is self-signed, or the server is not sending the correct intermediate certificates.

Error code: SEC_ERROR_UNKNOWN_ISSUER

View Certificate ~~~

If i click on the error code, i get these details:

~~~ [URL]

Peer's Certificate issuer is not recognised.

HTTP Strict Transport Security: false HTTP Public Key Pinning: false

Certificate chain:

BEGIN CERTIFICATE-----

[certificate]

END CERTIFICATE-----
BEGIN CERTIFICATE-----

[certificate]

END CERTIFICATE-----
BEGIN CERTIFICATE-----

[certificate]

END CERTIFICATE-----

~~~

If i click 'View Certificate', i get a chain of three certificates:

  1. Subject common name = [certificate]
  2. Subject common name = [certificate]
  3. Subject common name = [certificate]

If i go to Settings > Privacy & Security > View Certificates > Authorities, i can find both the [certificate] certificates. As far as i can tell, they are identical - i can open the certificate from 'View Certificate' and the corresponding one from the certificate manager and flip between tabs, and all the details are the same.

I am using Firefox 120.0, via a flatpak, on Ubuntu 22. I have given the flatpak access to /etc/ssl/certs, where my company's internal CA certificates are located.

To me, this seems like it should all work. The server has a certificate signed by an internal CA, which is signed by another internal CA, and both those internal CA certificates are in my certificate manager. So what is going wrong? Is there any way i can debug this?

נפתרה Archived 2 1984
Firefox for Enterprise Release notes
twic replied לפני 2 שנים

How to Get rid of "Firefox closed unexpectedly while starting" error window

Unattended software (kiosk) here. Sometimes (so rarely that I cannot reproduce in dev) the client sees this error screen: "Firefox closed unexpectedly while starting..."… (read more)

Unattended software (kiosk) here.

Sometimes (so rarely that I cannot reproduce in dev) the client sees this error screen: "Firefox closed unexpectedly while starting..." (see image in attachment)

Sometimes when rebooting the error goes away and Firefox starts normally.

Sometimes even when rebooting the system - this vertical error screen appears, and one solution is to reinstall Firefox, but I'd like not to (if not necessary) or at least programmatically detect the issue and perform the needed actions.

QUESTIONS: How to programmatically detect (bash i.e.) that this error window is present and get rid of it properly? Or, how to (for debugging) force that screen to appear (to force that broken state)?

PS: I'm running Firefox using:

nohup firefox -P ff_custom_profile -new-instance -private-window -kiosk "$url" > /dev/null 2>&1 &

Thank you for any assistance or insight

Archived 2 343
Firefox for Enterprise Installation and updates
Mike Kaply replied לפני שנה