This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Wannan tattunawa ta zama daɗaɗɗiya. Yi sabuwar tambaya idan ka na bukatar taimako.

Cannot accept self-signed certificate on some machines

  • 1 amsa
  • 7 sa na da wannan matsala
  • 1 view
  • Amsa ta ƙarshe daga adaviel

adaviel
adaviel
more options

I'm trying to connect to a certain server that uses a self-signed certificate - the admin thinks that's safer than accepting thousands of unknown intermediate CAs, and he has a point; witness the Certificate Patrol add-on.

When I try from some client machines with various OS, FireFox versions etc., it works. I can accept the certificate permanently.

But on at least 3 machines, I get an error message "unable to obtain identification status for the given site", and I cannot confirm an exception and get to the site at all. 2 of those machines have FF 10.0.4. But on another machine with FF 10.0.4, there is no problem.

On machines where I can store an exception, when I look in the certificate manager, the certificate is marked "(not stored)", and I cannot view it. What does that mean ? A few other certs in the server store are also marked not stored, while most have a certificate name and are viewable, along with one marked "no nickname".

I'm trying to connect to a certain server that uses a self-signed certificate - the admin thinks that's safer than accepting thousands of unknown intermediate CAs, and he has a point; witness the Certificate Patrol add-on. When I try from some client machines with various OS, FireFox versions etc., it works. I can accept the certificate permanently. But on at least 3 machines, I get an error message "unable to obtain identification status for the given site", and I cannot confirm an exception and get to the site at all. 2 of those machines have FF 10.0.4. But on another machine with FF 10.0.4, there is no problem. On machines where I can store an exception, when I look in the certificate manager, the certificate is marked "(not stored)", and I cannot view it. What does that mean ? A few other certs in the server store are also marked not stored, while most have a certificate name and are viewable, along with one marked "no nickname".

Mafitar da aka zaɓa

The issue seems to revolve around a cached HTTPS redirect when the server certificate has changed. I have filed https://bugzilla.mozilla.org/show_bug.cgi?id=767611

The "not stored" issue I realize is due to a permanent excep[tion for a self-signed certificate being stored as a certificate authority, with a placeholder in the servers tab

Karanta wannan amsa a matsayinta 👍 0

All Replies (1)

adaviel
adaviel Mai mallakar tambaya
more options

Zaɓi Mafita

The issue seems to revolve around a cached HTTPS redirect when the server certificate has changed. I have filed https://bugzilla.mozilla.org/show_bug.cgi?id=767611

The "not stored" issue I realize is due to a permanent excep[tion for a self-signed certificate being stored as a certificate authority, with a placeholder in the servers tab