We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

firefox does not honor custom CA certificate

  • 1 reply
  • 7 have this problem
  • 2 views
  • Last reply by guigs

more options

Hi

I have a server intercepting traffic for all devices in my home network. It does HTTPS inspection. For this i generated a certificate. I Installed this certificate on all of my own devices (including firefox mobile). Recently i received a new phone, and installed firefox on it, now even after installing the certificate in firefox, it will NOT browse to websites (sec_error_untrusted_issuer)... yet obviously i trust my own hardware/software. I repeat, installing the certificate does not allow me to browse like before....

Hi I have a server intercepting traffic for all devices in my home network. It does HTTPS inspection. For this i generated a certificate. I Installed this certificate on all of my own devices (including firefox mobile). Recently i received a new phone, and installed firefox on it, now even after installing the certificate in firefox, it will NOT browse to websites (sec_error_untrusted_issuer)... yet obviously i trust my own hardware/software. I repeat, installing the certificate does not allow me to browse like before....

All Replies (1)

more options

Hi menne386, Thank you for your question, and this sounds pretty impressive for a home network :-)

This error is sometimes caused by an SSL mismatch and for self signed certificates: You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

  • Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

  • Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

Can also try the built in tool to force it< see https://developer.mozilla.org/en-US/d.../NSS_tools_:_certutil