We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

How do I import a self-signed CA certificate into Firefox "Authorities" tab?

  • 3 个回答
  • 59 人有此问题
  • 15 次查看
  • 最后回复者为 trs1980

more options

How do I import a self-signed CA certificate into Firefox "Authorities"? I know where in Firefox I need to import and I believe it should be within the "Authorities" tab but I get an error "this is not a valid CA and will not be imported". I generated my CA cert with openssl. I would like corporate users to import it so that they don't get the "unknown certificate" messages for all the certs I sign for each web/FTP server in our company. Can someone please let me know if the "Authorities" store is where I should import my "custom" Certificate Authority? Thanks

How do I import a self-signed CA certificate into Firefox "Authorities"? I know where in Firefox I need to import and I believe it should be within the "Authorities" tab but I get an error "this is not a valid CA and will not be imported". I generated my CA cert with openssl. I would like corporate users to import it so that they don't get the "unknown certificate" messages for all the certs I sign for each web/FTP server in our company. Can someone please let me know if the "Authorities" store is where I should import my "custom" Certificate Authority? Thanks

所有回复 (3)

more options

I have the same problem imho this SHOULD be the right place, but firefox refuses!

more options

Apparently, I solved my issue.

I had created a cert with openssl's setting: basicConstraints=CA:false

whereas I had to set:

basicConstraints=CA:true

After regenerating the certificate, Firefox accepted to import it as an Authority.

Hope that helps.

Vieri

more options

Thanks, this post helped me figure out what was missing even through I was using makecert on Windows instead of openssl to make the test root CA cert. I ended up using makecert -cy authority to get the "Subject Type=CA" into the Basic Constraints field on my test root CA cert, which Firefox then allowed me to import as an Authority.