Hi, I started using firefox 3 and I am now getting errors connecting to intra-net sites that were OK in firefox 2. We have our own intra-net and we have a CA that issues server certs and user certs. I have loaded the CA certs and the CA certs are visable under "Authorities" tab (Preferences->Advanced->Encryption->View Certificates) and the "This certificate can identify web sites" is checked. In firefox 2, this was sufficient to stop the warnings, but with firefox 3, I now get ssl_error_bad_cert_domain error. I can go through the motions and add an exception, but this is a pain to do for each of the servers.
If I manually add the exception will this permanently bypass all the other cert checking (valid dates, revocation, etc.)? If I "Get Certificate" when I manually "Add Security Exception", it seems that firefox complains about "Certificate Status" and "Wrong Site". Under "Certificate Status", it says "This site attempts to identify itself with invalid information", but I can't understand why because firefox has the CA certs so it should be able to validate the cert. Under "Wrong Site" it says "Certificate belongs to a different site which could indicate an identity theft" and I might be able to accept that because the URL is different than that found doing a reverse DNS lookup. How can I get firefox to stop complaining about the certificates for intra-net sites? Is there something I need to place in the server certs? Bruce
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
