msyed1
asked on
Internally Generated SSL Cert works with IE, does not work with FireFox
Hello,
We have a problem with a Web SSL certificate (created internally using a Windows 2008 R2 Microsoft-based PKI) that authenticates just fine with IE 6, 7 and 8, but does not work with any version 3* or 4* of FireFox.
We have a purchased SSL certificate for this site from VeriSign, we are trying to replace it with our internally generated certificate. Surprisingly, if we change out the certificate to the VeriSign certificate, it has no problems getting to the site with any version of IE or FireFox or Opera.
The behavior we see is that with the MS-based (internally generated) certificate, the https:// link to the site DOES work sometimes, but DOES NOT work at other times. It is intermittent. The error is gives is:
‘Secure Connection Failed. An error occurred during a connection to xxx.xxxxxx.com. Certificate contains unknown critical extension. (error code: sec_error_unknown_critical
The issue is not with FireFox needing to import and install the certificate in it’s store, the above error occurs even before Firefox normally prompts you to install/import the cert.
Thank you. msyed1.
We have a problem with a Web SSL certificate (created internally using a Windows 2008 R2 Microsoft-based PKI) that authenticates just fine with IE 6, 7 and 8, but does not work with any version 3* or 4* of FireFox.
We have a purchased SSL certificate for this site from VeriSign, we are trying to replace it with our internally generated certificate. Surprisingly, if we change out the certificate to the VeriSign certificate, it has no problems getting to the site with any version of IE or FireFox or Opera.
The behavior we see is that with the MS-based (internally generated) certificate, the https:// link to the site DOES work sometimes, but DOES NOT work at other times. It is intermittent. The error is gives is:
‘Secure Connection Failed. An error occurred during a connection to xxx.xxxxxx.com. Certificate contains unknown critical extension. (error code: sec_error_unknown_critical
The issue is not with FireFox needing to import and install the certificate in it’s store, the above error occurs even before Firefox normally prompts you to install/import the cert.
Thank you. msyed1.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Can you please tell me how to make sure that the private key is not in there (imbedded) in the certificate ??
The certificate I have has a .cer extension. Does .cer file NOT contain the private key ?? I just want to make sure before I send it out.
Thanks for your help. msyed1