We have a problem with a Web SSL certificate (created internally using a Windows 2008 R2 Microsoft-based PKI) that authenticates just fine with IE 6, 7 and 8, but does not work with any version 3* or 4* of FireFox.
We have a purchased SSL certificate for this site from VeriSign, we are trying to replace it with our internally generated certificate. Surprisingly, if we change out the certificate to the VeriSign certificate, it has no problems getting to the site with any version of IE or FireFox or Opera.
The behavior we see is that with the MS-based (internally generated) certificate, the https://
link to the site DOES work sometimes, but DOES NOT work at other times. It is intermittent. The error is gives is:
‘Secure Connection Failed. An error occurred during a connection to xxx.xxxxxx.com. Certificate contains unknown critical extension. (error code: sec_error_unknown_critical
). The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.’
The issue is not with FireFox needing to import and install the certificate in it’s store, the above error occurs even before Firefox normally prompts you to install/import the cert.
Thank you. msyed1.