Dette websted vil have begrænset funktionalitet, mens vi gennemgår vedligeholdelse for at forbedre din oplevelse. Hvis en artikel ikke løser dit problem, og du vil stille et spørgsmål, har vi vores supportfællesskab, der venter på at hjælpe dig på @FirefoxSupport på Twitter og/r/firefox på Reddit.

Søg i Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Læs mere

Update to Firefox 57, now receive HTTPS (HSTS) error when visiting secure sites, and importing self signed certificate of proxy into store is now ineffective.

  • 1 svar
  • 4 har dette problem
  • 1 visning
  • Seneste svar af jrnoc

more options

My organization uses a firewall the implements forward proxy SSL decryption. Normally we allow this by importing our corporate self signed certificate into the trusted Authorities store in firefox. After upgrading to firefox 57 from firefox 56, we are now receiving an error (attached image) on seemingly every secure website.

"This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."

"The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported."

Adding our trusted root cert into Authorities does not seem to be effective anymore. Exempting the test PC from decryption at the firewall allows it to connect to secure sites just fine, but the test PC is now exempt from layer 7 signatures, IPS, antivirus, and zero-day protection provided by our firewall.

Has anyone else run into this issue? Any assistance would be extremely appreciated.

My organization uses a firewall the implements forward proxy SSL decryption. Normally we allow this by importing our corporate self signed certificate into the trusted Authorities store in firefox. After upgrading to firefox 57 from firefox 56, we are now receiving an error (attached image) on seemingly every secure website. "This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate." "The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported." Adding our trusted root cert into Authorities does not seem to be effective anymore. Exempting the test PC from decryption at the firewall allows it to connect to secure sites just fine, but the test PC is now exempt from layer 7 signatures, IPS, antivirus, and zero-day protection provided by our firewall. Has anyone else run into this issue? Any assistance would be extremely appreciated.

Alle svar (1)

more options

This was solved by adding the certificate chain in .p7b format instead of .cer.