about:config -> security.pki.certificate_transparency.disable_for_spki_hashes not working as expected
Hello community :)
hope everybody is doing well. I´m coming here with with asking for a help.
I´m managing browsers (Google Chrome, MS Edge and Firefox) in my company via GPOs. What we´ve been dealing with since 135 version came up is having the "Did Not Connect: Potential Security Issue error page , Error insufficient cert transparency" while visiting our internal resources.
Despite of having the security.pki.certificate_transparency.disable_for_spki_hashes set up -> main three certificate hashes are correctly added, basically copying the setup from Chromium browsers , where everything works as expected , Firefox is not.
The only way how to make it work is via security.pki.certificate_transparency.disable_for_hosts , which is , of course, not desirable , because of the security risks.
Does anyone face the same issues ?
Thank you very much ya´ll
All Replies (4)
One more question (I'm also asking the team).
I assume you're setting via the Preferences policy.
Does everything look correct in about:policies?
When you go to about:config and search on security.pki.certificate_transparency.disable_for_spki_hashes, is it set correctly?
And is it bold, italics, regular?
everything is correct , as far as im aware.. we havent read there should be set anything else that ties to ct transparency.
it is regular . As far as i recall, bold would be manually added value
KR Tomas
You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.