Questo sito potrebbe offrire funzionalità limitate durante le operazioni di manutenzione per migliorare l'esperienza utente. Se un articolo non risolve il tuo problema e vuoi richiedere supporto, la nostra comunità di supporto è pronta ad aiutarti tramite @FirefoxSupport su Twitter e /r/firefox su Reddit.

Cerca nel supporto

Attenzione alle mail truffa. Mozilla non chiederà mai di chiamare o mandare messaggi a un numero di telefono o di inviare dati personali. Segnalare qualsiasi attività sospetta utilizzando l'opzione “Segnala abuso”.

Ulteriori informazioni

Questa discussione è archiviata. Inserire una nuova richiesta se occorre aiuto.

certutil imported CA doesn't show up on the list

  • 3 risposte
  • 3 hanno questo problema
  • 13 visualizzazioni
  • Ultima risposta di cor-el

more options

Running Firefox 30.0.

I am trying to add our internal root CA to be trusted by Firefox using command line. I ran this command:

C:\temp\tools>certutil -A -n "Internal Certificate Authority CA" -t "CT,c,c" -i "cert1.cer" -d "C:\Users\myuserid\AppData\Roaming\Mozilla\Firefox\Profiles\72k9o7ll.default"

After that succeeded, I ran this to verify it got added:

C:\temp\tools>certutil.exe -L -d "C:\Users\myuserid\AppData\Roaming\Mozilla\Firefox\Profiles\72k9o7ll.default"

Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI

DigiCert High Assurance CA-3 ,, GeoTrust SSL CA ,, Thawte SSL CA ,, VeriSign Class 3 Secure Server CA - G3 ,, DigiCert High Assurance EV CA-1 ,, VeriSign Class 3 Extended Validation SSL CA ,, Cybertrust Public SureServer SV CA ,, Internal Certificate Authority CA CT,c,c DigiCert SHA2 Extended Validation Server CA ,, Google Internet Authority G2 ,, GeoTrust SSL CA - G2 ,, Starfield Secure Certification Authority ,, Go Daddy Secure Certificate Authority - G2 ,, DigiCert SHA2 Secure Server CA ,, GlobalSign Extended Validation CA - SHA256 - G2 ,, RapidSSL CA ,,

It's showing up on the list above but when I go to Firefox and open Tools ->Options->Advanced->Certificates->View Certificates->Authorities, I see a long list of certificates different than the one displayed above and my "Internal Certificate Authority CA" is NOT on the list. When I go to my internal sites protected with SSL issued by the internal CA, they are still not trusted. What am I missing?

Thanks a lot.

Running Firefox 30.0. I am trying to add our internal root CA to be trusted by Firefox using command line. I ran this command: C:\temp\tools>certutil -A -n "Internal Certificate Authority CA" -t "CT,c,c" -i "cert1.cer" -d "C:\Users\myuserid\AppData\Roaming\Mozilla\Firefox\Profiles\72k9o7ll.default" After that succeeded, I ran this to verify it got added: C:\temp\tools>certutil.exe -L -d "C:\Users\myuserid\AppData\Roaming\Mozilla\Firefox\Profiles\72k9o7ll.default" Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI DigiCert High Assurance CA-3 ,, GeoTrust SSL CA ,, Thawte SSL CA ,, VeriSign Class 3 Secure Server CA - G3 ,, DigiCert High Assurance EV CA-1 ,, VeriSign Class 3 Extended Validation SSL CA ,, Cybertrust Public SureServer SV CA ,, Internal Certificate Authority CA CT,c,c DigiCert SHA2 Extended Validation Server CA ,, Google Internet Authority G2 ,, GeoTrust SSL CA - G2 ,, Starfield Secure Certification Authority ,, Go Daddy Secure Certificate Authority - G2 ,, DigiCert SHA2 Secure Server CA ,, GlobalSign Extended Validation CA - SHA256 - G2 ,, RapidSSL CA ,, It's showing up on the list above but when I go to Firefox and open Tools ->Options->Advanced->Certificates->View Certificates->Authorities, I see a long list of certificates different than the one displayed above and my "Internal Certificate Authority CA" is NOT on the list. When I go to my internal sites protected with SSL issued by the internal CA, they are still not trusted. What am I missing? Thanks a lot.

Tutte le risposte (3)

more options

Does it at least work if you import the file directly in the Certificate Manager and set the trust bits as required?

more options

yes, if I go through the GUI in Firefox it works fine but it doesn't work in command line. Any ideas what could be wrong?

more options

Did you try the -L parameter after you have imported the certificate to see if it looks different that way?

Did you try "CTu,c,c" ?