this post was submitted on 02 Aug 2023
1 points (100.0% liked)

Firefox

68 readers
1 users here now

The latest news and developments on Firefox and Mozilla, a global non-profit that strives to promote openness, innovation and opportunity on the web.

You can subscribe to this community from any Kbin or Lemmy instance:

Related

Rules

While we are not an official Mozilla community, we have adopted the Mozilla Community Participation Guidelines as far as it can be applied to a bin.

Rules

  1. Always be civil and respectful
    Don't be toxic, hostile, or a troll, especially towards Mozilla employees. This includes gratuitous use of profanity.

  2. Don't be a bigot
    No form of bigotry will be tolerated.

  3. Don't post security compromising suggestions
    If you do, include an obvious and clear warning.

  4. Don't post conspiracy theories
    Especially ones about nefarious intentions or funding. If you're concerned: Ask. Please don’t fuel conspiracy thinking here. Don’t try to spread FUD, especially against reliable privacy-enhancing software. Extraordinary claims require extraordinary evidence. Show credible sources.

  5. Don't accuse others of shilling
    Send honest concerns to the moderators and/or admins, and we will investigate.

  6. Do not remove your help posts after they receive replies
    Half the point of asking questions in a public sub is so that everyone can benefit from the answers—which is impossible if you go deleting everything behind yourself once you've gotten yours.

founded 1 year ago
MODERATORS
 

I'm a web developer working on an app running in Docker on my MacBook. Chrome, Edge and Safari trust the self-signed certificate that has been imported into the Mac's root certificate store and have no security issues, but when I try and access the web app, I'm hit with "Warning: Potential Security Risk Ahead" and the error code is MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY

I really miss Firefox, particularly the multi-account containers feature. What do I need to do so that Firefox will trust my certificate for my local web app?

top 3 comments
sorted by: hot top controversial new old
[–] Jarvis2323 2 points 1 year ago

Firefox has its own certificate store, and does not use the system one. So you have to import the cert into FF trusted store.

[–] [email protected] 0 points 1 year ago (1 children)

Does the certificate have a basic constraints extension with CA:TRUE set? Firefox doesn't allow that for certificates used as ‘end entity’ certificates. You'll want to re-generate the certificate without the extension.

[–] [email protected] 1 points 1 year ago

Looking at the certificate, it seems that yes, the certificate authority is set to 'yes'. So the certificate needs to be regenerated?