We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

Problem importing a root certificate authority from IE environment

  • 1 trả lời
  • 35 gặp vấn đề này
  • 3 lượt xem
  • Trả lời mới nhất được viết bởi trs1980

more options

I created a self-signed trusted root authority certificate using Microsoft's makecert utility - this is for a test environment... I imported it into the IE environment using Microsoft's MMC utility and it works fine. Using IE I can browse to our test server using https with no problem.

When I export that certificate out of the IE environment (using MMC) in a base64 format (DER also) and try to import it into Firefox I get an error, "This is not a certificate authority certificate, so it can't be imported into the certificate authority list." How can I get firefox to trust a test CA certificate?

I created a self-signed trusted root authority certificate using Microsoft's makecert utility - this is for a test environment... I imported it into the IE environment using Microsoft's MMC utility and it works fine. Using IE I can browse to our test server using https with no problem. When I export that certificate out of the IE environment (using MMC) in a base64 format (DER also) and try to import it into Firefox I get an error, "This is not a certificate authority certificate, so it can't be imported into the certificate authority list." How can I get firefox to trust a test CA certificate?

Tất cả các câu trả lời (1)

more options

One potential cause of this problem - Firefox will not import self-signed root CA certificates that are missing the value "Subject Type=CA" in the Basic Constraints field (visible on the Details tab when you view the certificate in Windows.) Contact the person who supplied you with the test self-signed root authority certificate and tell them that they need to add that constraint to either the certificate request or the command line when making the self-signed root CA certificate. The switch on makecert is -cy authority. I found the following helpful: http://stackoverflow.com/questions/496658/using-makecert-for-development-ssl