Windows Certificates not Showing in Firefox
We are using Firefox 50 and some systems show the Windows Certificates Store in Firefox and others do not. Why is this only working on some PCs and not others when they all have the same certificates showing in the Windows Certificate Store?
We are trying to enable SSL inspection and would like to have this a streamlined as possible.
Wšykne wótegrona (2)
hi bend_of_the_river, firefox uses its own trust store and doesn't use the certificates stored on a system level by default at all. in order to change that and import the windows root certs, please refer to this recent blog post: https://mike.kaply.com/2016/09/01/upcoming-changes-to-root-certificates-in-firefox-on-windows/
In that post it states, "This feature is available in Firefox 49 and up (currently in beta). To give it a try, go to about:config and add the boolean preference security.enterprise_roots.enabled and set it to true. After that, Firefox should connect successfully to sites using certificates issued by 3rd party root certificates that have been added to the Windows trust database. Note that currently these root certificates will not appear in Firefox’s certificate manager as they are intended to be managed from the interfaces provided by Windows itself. This may change in the future."
We have enabled the the preference security.enterprise_roots.enabled and set it to true. On some systems this the root certificates do show in Firefox and on others they do not. When testing SSL inspection, the test systems all have the certificates in the WIndows Certificate Store, but the systems that do not show the certificates in Firefox cannot access HTTPS sites using Firefox. Systems that do show the certificates in Firefox are able to access the same HTTPS sites.
We are running v50 and understand that this feature may still be in testing, but are interested in why our results are not consistent across test systems.