And that the certificate has the "identify websites" bit set? On Fri, Sep 11, 2015 at 1:26 PM, Chris Palmer <[email protected]> wrote:
> On Thu, Sep 10, 2015 at 3:21 PM, AnilG <[email protected]> wrote: > > Thanks Chris, I appreciate any help I can get. I'm trying to help IT get > > this fixed so we can keep FF. > > > > I already, and now again on your advice, imported to Firefox Authorities > > Certificates the same certificate that was circulated by IT in a package, > > which is presumably the OS installed certificate that enables Chrome to > > work. Same error continues. I've passed on your advice to my ticket but > > don't yet have a response from my IT. > > > > Can you clarify how to install or required particulars of this > > certificate? It's sitting their in "Authorities" list but the cert seems > to > > have little information in it's fields. Perhaps it's inadequately > > constituted? The CN is a slightly lengthy piece of arbitrary free text > with > > no O or OU in the issued to, and no OU and the CN replicated in the O for > > the issued by section. Otherwise it's PKCS #1 SHA-256 With RSA Encryption > > with validity dates and a few other fields including a CRL distribution > > point with a local URI marked Not Critical.? > > > > Have you verified that the proxy issues its MITM certs *from that > particular issuing certificate*? > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
