Office proxy firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate
Firefox works fine from my home network or while I connect to internet directly via data card. However @ my office we use proxy and for almost all the sites (even google search) Firefox stops me stating "This Connection is Untrusted".
Attached are the screenshot for the same to help to help me.
I search quite a lot and closest I came was at this url https://support.mozilla.org/en-US/questions/978722
Is there a way in Firefox to add this office proxy certificate in the certificate chain (not sure if that Will that help??)
How do I solve this? Kindly advice.
Gekose oplossing
I think most proxies work the same way: they generate a fake certificate for the website and present that to your browser so they can decrypt and inspect the traffic between you and the site. It's a hassle having to make exceptions for the individual fake certificates -- it's more efficient to recognize the certificate the proxy uses to sign the fake certificates as a valid certificate authority.
The trick is identifying that certificate. It might be easiest to do from IE or Chrome, since both use the Windows certificate store (Firefox uses its own). By inspecting the certificate for a secure site and the certificate used to sign it, you may be able to identify and export that certificate (DER or .cer format).
In Firefox, you would import that into the Authorities section of the Certificates dialog:
"3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button > Authorities mini-tab > "Import..." button
Of course, it probably is safest to verify with your IT that you've found and exported the correct certificate before importing it into Firefox.
Lees dié antwoord in konteks 👍 1All Replies (2)
Gekose oplossing
I think most proxies work the same way: they generate a fake certificate for the website and present that to your browser so they can decrypt and inspect the traffic between you and the site. It's a hassle having to make exceptions for the individual fake certificates -- it's more efficient to recognize the certificate the proxy uses to sign the fake certificates as a valid certificate authority.
The trick is identifying that certificate. It might be easiest to do from IE or Chrome, since both use the Windows certificate store (Firefox uses its own). By inspecting the certificate for a secure site and the certificate used to sign it, you may be able to identify and export that certificate (DER or .cer format).
In Firefox, you would import that into the Authorities section of the Certificates dialog:
"3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button > Authorities mini-tab > "Import..." button
Of course, it probably is safest to verify with your IT that you've found and exported the correct certificate before importing it into Firefox.
Thanks a lot jscher, it helps. Will follow the steps you mentioned.
Gewysig op deur ravi.ved