Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Fungovanie tejto stránky je z dôvodu údržby dočasne obmedzené. Ak článok nevyrieši váš problém a chcete položiť otázku, napíšte našej komunite podpory na Twitter @FirefoxSupport alebo Reddit /r/firefox.

Vyhľadajte odpoveď

Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Ďalšie informácie

Update to Firefox 57, now receive HTTPS (HSTS) error when visiting secure sites, and importing self signed certificate of proxy into store is now ineffective.

  • 1 odpoveď
  • 4 majú tento problém
  • 1 zobrazenie
  • Posledná odpoveď od jrnoc

more options

My organization uses a firewall the implements forward proxy SSL decryption. Normally we allow this by importing our corporate self signed certificate into the trusted Authorities store in firefox. After upgrading to firefox 57 from firefox 56, we are now receiving an error (attached image) on seemingly every secure website.

"This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."

"The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported."

Adding our trusted root cert into Authorities does not seem to be effective anymore. Exempting the test PC from decryption at the firewall allows it to connect to secure sites just fine, but the test PC is now exempt from layer 7 signatures, IPS, antivirus, and zero-day protection provided by our firewall.

Has anyone else run into this issue? Any assistance would be extremely appreciated.

My organization uses a firewall the implements forward proxy SSL decryption. Normally we allow this by importing our corporate self signed certificate into the trusted Authorities store in firefox. After upgrading to firefox 57 from firefox 56, we are now receiving an error (attached image) on seemingly every secure website. "This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate." "The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported." Adding our trusted root cert into Authorities does not seem to be effective anymore. Exempting the test PC from decryption at the firewall allows it to connect to secure sites just fine, but the test PC is now exempt from layer 7 signatures, IPS, antivirus, and zero-day protection provided by our firewall. Has anyone else run into this issue? Any assistance would be extremely appreciated.

Všetky odpovede (1)

more options

This was solved by adding the certificate chain in .p7b format instead of .cer.