
How do I install DOD root certificates in linux?
I need to access this site: https://www.netfocus.netc.navy.mil/nrotc/candidate_app/Login.aspx in order to apply for the NROTC scholarship. I had previously been able to access this site last year, however, I updated firefox and all I get is a "Secure Connection Failed" error now. Well when I try to install the DOD Root CA Certificates at this site: http://dodpki.c3pki.chamb.disa.mil/rootca.html I get a never ending alert that say "This certificate can't be verified and will not be imported". What do I need to do in order to install this? I really need to access the first website.
Asịsa ahọpụtara
The site seems to be using TLS 1.0 It work if I add the domain to the whitelist.
The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
- security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the full domain (www.netfocus.netc.navy.mil) to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).
If this helps then you can contact this website and ask them to look into this and update their security.
Gụọ azịza a na nghọta 👍 1All Replies (3)
See download dod_configuration-1.3.7.xpi:
Edeziri
cor-el said
See download dod_configuration-1.3.7.xpi:
I installed it, however, after I ran "Update DOD Certs" the certs were not included in my certificate list and I am still unable to access the site.
Asịsa Ahọpụtara
The site seems to be using TLS 1.0 It work if I add the domain to the whitelist.
The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
- security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the full domain (www.netfocus.netc.navy.mil) to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).
If this helps then you can contact this website and ask them to look into this and update their security.