Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

self-signed CA certificate on roaming install (Windows 7)

Posted on 2014-01-15
4
Medium Priority
?
469 Views
Last Modified: 2014-01-15
Hi Experts,
Please correct me where I'm wrong.  I'm doing the following all on the same computer, running Windows 7.

I'm creating a self-signed cert and adding it to my trusted root authorities with MMC with certificate snap-in with this call:

This is how this CA cert is created:
makecert.exe -sr currentuser -ss ROOT -a sha1 -n "CN=MyCompany,O=MyCompany,OU=R&D" -sky signature -pe -r "MyCompanyCA.cer" -sv "MyCompanyCA.pvk"

Open in new window


Then I create a signed certificate with my self-signed CA cert (that should now be trusted on my machine) with this line:
makecert.exe -sr currentuser -ss MY -a sha1 -n "CN=localhost,O=MyCompany,OU=R&D" -sky exchange -pe -ir currentuser -iv "MyCompanyCA.pvk" -ic "MyCompanyCA.cer"

Open in new window


My application uses this (2nd) certificate to give me HTTPS in an embedded webserver from http://webserver.codeplex.com/ (the cert it uses is a pfx from the 2nd cert above.

Firefox gives me a warning telling me my certificate is not trusted (even though it's been signed with the self-signed CA cert that is sitting in my certificate store).  What gives?  I don't want to have to add the exception...

Many thanks,
Mike
0
Comment
Question by:thready
  • 2
  • 2
4 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 2000 total points
ID: 39782672
Firefox does not use windows for certificates.
instead, import into your firefox certificate store
Goto: Tools>>Options, Advanced, Encryption, hit the "certificates" button, and import there.
0
 
LVL 1

Author Comment

by:thready
ID: 39782705
Oh!  Is this the same for chrome?  (I think I had the same issue with chrome).  But not IE.  (or vice versa)...
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39782753
Well, I thought chrome used the local windows keystore - certainly on my machine, when you select settings >> advanced >> https/ssl >> manage certificates,  you get the same plugin you get if you look in IE....
0
 
LVL 1

Author Closing Comment

by:thready
ID: 39782773
Probably just firefox - I have to try this again.  Many thanks!
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question