This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Using mTLS with Firefox on Android

more options

Hello,

The default browser in our company is Firefox. We have some internal websites now available from outside with mTLS.

This is working fine with Firefox on laptop (fedora), but I cannot make it work with Firefox on Android (which is crucial as the aim of this project is to have those apps securely available to all or employees from outside).

I installed the user certificate in the Android "User credentials" trust store, but Firefox (version 128.0.1) is not offering to use that certificate for mTLS, and just show a "Secure Connection Failed" error message.

How can we have Firefox on Android using the user CA to access those applications?

Thank you in advance for your feedback.

Best regards,

B.

Hello, The default browser in our company is Firefox. We have some internal websites now available from outside with mTLS. This is working fine with Firefox on laptop (fedora), but I cannot make it work with Firefox on Android (which is crucial as the aim of this project is to have those apps securely available to all or employees from outside). I installed the user certificate in the Android "User credentials" trust store, but Firefox (version 128.0.1) is not offering to use that certificate for mTLS, and just show a "Secure Connection Failed" error message. How can we have Firefox on Android using the user CA to access those applications? Thank you in advance for your feedback. Best regards, B.

All Replies (2)

more options

Did you enable Use third party CA certificates?

Helpful?

more options

This option is enabled, yes. And the Company's CA is added as well in the trust store. The trust of the website's certificate seems OK as we don't have a "Insecure Website" error, but the mTLS handshake is not going through and firefox is not asking if it can send the user Certificate, as it does on Fedora

Helpful?

Still et spørsmål

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.