搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Cannot accept self-signed certificate on some machines

  • 1 回覆
  • 7 有這個問題
  • 8 次檢視
  • 最近回覆由 adaviel

more options

I'm trying to connect to a certain server that uses a self-signed certificate - the admin thinks that's safer than accepting thousands of unknown intermediate CAs, and he has a point; witness the Certificate Patrol add-on.

When I try from some client machines with various OS, FireFox versions etc., it works. I can accept the certificate permanently.

But on at least 3 machines, I get an error message "unable to obtain identification status for the given site", and I cannot confirm an exception and get to the site at all. 2 of those machines have FF 10.0.4. But on another machine with FF 10.0.4, there is no problem.

On machines where I can store an exception, when I look in the certificate manager, the certificate is marked "(not stored)", and I cannot view it. What does that mean ? A few other certs in the server store are also marked not stored, while most have a certificate name and are viewable, along with one marked "no nickname".

I'm trying to connect to a certain server that uses a self-signed certificate - the admin thinks that's safer than accepting thousands of unknown intermediate CAs, and he has a point; witness the Certificate Patrol add-on. When I try from some client machines with various OS, FireFox versions etc., it works. I can accept the certificate permanently. But on at least 3 machines, I get an error message "unable to obtain identification status for the given site", and I cannot confirm an exception and get to the site at all. 2 of those machines have FF 10.0.4. But on another machine with FF 10.0.4, there is no problem. On machines where I can store an exception, when I look in the certificate manager, the certificate is marked "(not stored)", and I cannot view it. What does that mean ? A few other certs in the server store are also marked not stored, while most have a certificate name and are viewable, along with one marked "no nickname".

被選擇的解決方法

The issue seems to revolve around a cached HTTPS redirect when the server certificate has changed. I have filed https://bugzilla.mozilla.org/show_bug.cgi?id=767611

The "not stored" issue I realize is due to a permanent excep[tion for a self-signed certificate being stored as a certificate authority, with a placeholder in the servers tab

從原來的回覆中察看解決方案 👍 0

所有回覆 (1)

more options

選擇的解決方法

The issue seems to revolve around a cached HTTPS redirect when the server certificate has changed. I have filed https://bugzilla.mozilla.org/show_bug.cgi?id=767611

The "not stored" issue I realize is due to a permanent excep[tion for a self-signed certificate being stored as a certificate authority, with a placeholder in the servers tab