Támogatás keresése

Kerülje el a támogatási csalásokat. Sosem kérjük arra, hogy hívjon fel egy telefonszámot vagy osszon meg személyes információkat. Jelentse a gyanús tevékenységeket a „Visszaélés bejelentése” lehetőséggel.

További tudnivalók

A témacsoportot lezárták és archiválták. Tegyen fel új kérdést, ha segítségre van szüksége.

Problem importing a root certificate authority from IE environment

  • 1 válasz
  • 35 embernek van ilyen problémája
  • 1 megtekintés
  • Utolsó üzenet ettől: trs1980

more options

I created a self-signed trusted root authority certificate using Microsoft's makecert utility - this is for a test environment... I imported it into the IE environment using Microsoft's MMC utility and it works fine. Using IE I can browse to our test server using https with no problem.

When I export that certificate out of the IE environment (using MMC) in a base64 format (DER also) and try to import it into Firefox I get an error, "This is not a certificate authority certificate, so it can't be imported into the certificate authority list." How can I get firefox to trust a test CA certificate?

I created a self-signed trusted root authority certificate using Microsoft's makecert utility - this is for a test environment... I imported it into the IE environment using Microsoft's MMC utility and it works fine. Using IE I can browse to our test server using https with no problem. When I export that certificate out of the IE environment (using MMC) in a base64 format (DER also) and try to import it into Firefox I get an error, "This is not a certificate authority certificate, so it can't be imported into the certificate authority list." How can I get firefox to trust a test CA certificate?

Összes válasz (1)

more options

One potential cause of this problem - Firefox will not import self-signed root CA certificates that are missing the value "Subject Type=CA" in the Basic Constraints field (visible on the Details tab when you view the certificate in Windows.) Contact the person who supplied you with the test self-signed root authority certificate and tell them that they need to add that constraint to either the certificate request or the command line when making the self-signed root CA certificate. The switch on makecert is -cy authority. I found the following helpful: http://stackoverflow.com/questions/496658/using-makecert-for-development-ssl