This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How can I get my organizations cerificates put in your certificate manager baseline?

  • 2 replies
  • 1 has this problem
  • 8 views
  • Last reply by cor-el

more options

I work for the US Navy and am trying to import the DOD certs and receiving an error message saying "This certificate can't be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have expired or been revoked, or the certificate might not have been approved." Then I look in the certificates and see them there but I am still unable to connect with .mil CAC enabled web sites. If I can get a direct email I could send screen shots or please reach out to me at xxx xxx xxxx.

Thanks, v/R

Chris Alford


edited phone# from spambots and public

I work for the US Navy and am trying to import the DOD certs and receiving an error message saying "This certificate can't be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have expired or been revoked, or the certificate might not have been approved." Then I look in the certificates and see them there but I am still unable to connect with .mil CAC enabled web sites. If I can get a direct email I could send screen shots or please reach out to me at xxx xxx xxxx. Thanks, v/R Chris Alford edited phone# from spambots and public

Modified by James

All Replies (2)

more options

Hi Chris, here is an article on how certification authorities can apply for inclusion: https://wiki.mozilla.org/CA:How_to_apply

If the signing authority is DOD, then most likely DOD would need to apply, and that would allow all certificates it issues to be treated as valid. But it may be that DOD won't allow outside verification of its certificate issuing and key management practices to Mozilla's satisfaction, as it might view secrecy as more important than convenience.

Until then, you could try: https://wiki.mozilla.org/CA:AddRootToFirefox

more options

You can try:

Current Firefox releases require extensions to be signed to prevent abuse by malware. In Firefox 43 and later unsigned extensions will be disabled by default. You can set xpinstall.signatures.required to false to disable this security feature in the current Firefox releases. In later Firefox releases and Beta builds (47+) you may not be able to override this anymore.

See also: