How do I import a self-signed CA certificate into Firefox "Authorities" tab?
How do I import a self-signed CA certificate into Firefox "Authorities"? I know where in Firefox I need to import and I believe it should be within the "Authorities" tab but I get an error "this is not a valid CA and will not be imported". I generated my CA cert with openssl. I would like corporate users to import it so that they don't get the "unknown certificate" messages for all the certs I sign for each web/FTP server in our company. Can someone please let me know if the "Authorities" store is where I should import my "custom" Certificate Authority? Thanks
Svi odgovori (3)
I have the same problem imho this SHOULD be the right place, but firefox refuses!
Apparently, I solved my issue.
I had created a cert with openssl's setting: basicConstraints=CA:false
whereas I had to set:
basicConstraints=CA:true
After regenerating the certificate, Firefox accepted to import it as an Authority.
Hope that helps.
Vieri
Thanks, this post helped me figure out what was missing even through I was using makecert on Windows instead of openssl to make the test root CA cert. I ended up using makecert -cy authority to get the "Subject Type=CA" into the Basic Constraints field on my test root CA cert, which Firefox then allowed me to import as an Authority.