We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Şu anda bakım nedeniyle sitemiz kısıtlı işlevsellik sunmaktadır. Mevcut makaleler sorununuzu çözmediyse ve bize soru sormak isterseniz Twitter’da @FirefoxSupport hesabından ve Reddit’teki /r/firefox subreddit'inden destek gönüllülerimize ulaşabilirsiniz.

Mozilla Destek’te Ara

Destek dolandırıcılığından kaçının. Mozilla sizden asla bir telefon numarasını aramanızı, mesaj göndermenizi veya kişisel bilgilerinizi paylaşmanızı istemez. Şüpheli durumları “Kötüye kullanım bildir” seçeneğini kullanarak bildirebilirsiniz.

Daha Fazlasını Öğren

Update to Firefox 57, now receive HTTPS (HSTS) error when visiting secure sites, and importing self signed certificate of proxy into store is now ineffective.

  • 1 yanıt
  • 4 kişi bu sorunu yaşıyor
  • 1 gösterim
  • Son yanıtı yazan: jrnoc

more options

My organization uses a firewall the implements forward proxy SSL decryption. Normally we allow this by importing our corporate self signed certificate into the trusted Authorities store in firefox. After upgrading to firefox 57 from firefox 56, we are now receiving an error (attached image) on seemingly every secure website.

"This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."

"The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported."

Adding our trusted root cert into Authorities does not seem to be effective anymore. Exempting the test PC from decryption at the firewall allows it to connect to secure sites just fine, but the test PC is now exempt from layer 7 signatures, IPS, antivirus, and zero-day protection provided by our firewall.

Has anyone else run into this issue? Any assistance would be extremely appreciated.

My organization uses a firewall the implements forward proxy SSL decryption. Normally we allow this by importing our corporate self signed certificate into the trusted Authorities store in firefox. After upgrading to firefox 57 from firefox 56, we are now receiving an error (attached image) on seemingly every secure website. "This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate." "The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported." Adding our trusted root cert into Authorities does not seem to be effective anymore. Exempting the test PC from decryption at the firewall allows it to connect to secure sites just fine, but the test PC is now exempt from layer 7 signatures, IPS, antivirus, and zero-day protection provided by our firewall. Has anyone else run into this issue? Any assistance would be extremely appreciated.

Tüm Yanıtlar (1)

more options

This was solved by adding the certificate chain in .p7b format instead of .cer.