Solved

self-signed CA certificate on roaming install (Windows 7)

Posted on 2014-01-15
4
463 Views
Last Modified: 2014-01-15
Hi Experts,
Please correct me where I'm wrong.  I'm doing the following all on the same computer, running Windows 7.

I'm creating a self-signed cert and adding it to my trusted root authorities with MMC with certificate snap-in with this call:

This is how this CA cert is created:
makecert.exe -sr currentuser -ss ROOT -a sha1 -n "CN=MyCompany,O=MyCompany,OU=R&D" -sky signature -pe -r "MyCompanyCA.cer" -sv "MyCompanyCA.pvk"

Open in new window


Then I create a signed certificate with my self-signed CA cert (that should now be trusted on my machine) with this line:
makecert.exe -sr currentuser -ss MY -a sha1 -n "CN=localhost,O=MyCompany,OU=R&D" -sky exchange -pe -ir currentuser -iv "MyCompanyCA.pvk" -ic "MyCompanyCA.cer"

Open in new window


My application uses this (2nd) certificate to give me HTTPS in an embedded webserver from http://webserver.codeplex.com/ (the cert it uses is a pfx from the 2nd cert above.

Firefox gives me a warning telling me my certificate is not trusted (even though it's been signed with the self-signed CA cert that is sitting in my certificate store).  What gives?  I don't want to have to add the exception...

Many thanks,
Mike
0
Comment
Question by:thready
  • 2
  • 2
4 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 39782672
Firefox does not use windows for certificates.
instead, import into your firefox certificate store
Goto: Tools>>Options, Advanced, Encryption, hit the "certificates" button, and import there.
0
 
LVL 1

Author Comment

by:thready
ID: 39782705
Oh!  Is this the same for chrome?  (I think I had the same issue with chrome).  But not IE.  (or vice versa)...
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39782753
Well, I thought chrome used the local windows keystore - certainly on my machine, when you select settings >> advanced >> https/ssl >> manage certificates,  you get the same plugin you get if you look in IE....
0
 
LVL 1

Author Closing Comment

by:thready
ID: 39782773
Probably just firefox - I have to try this again.  Many thanks!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question