Firefox - Intranet SSL

Question

I am running Firefox Quantum 65.0.1.

I have an intranet site that I need to use SSL with. My SSL certificate works fine in Chrome and IE. I have access to the CSR, PEM, KEY, CERT, and P12 file for the SSL certificate.

What I did -

1. Opened Firefox
2. Opened about:preferences
3. Opened Privacy & Security
4. Opened Certificates->View Certificates
5. "Your Certificates">Import>mysite.p12
6. I go to https://mysite
7. Get exception warning. If I add an exception the site loads but I get a yellow warning that the site is insecure.
8. How do I get rid of the yellow warning stating my site is insecure when it is? I need to be able to deploy a fix to 600 computers to allow them to connect to an internal site using SSL.

IE and Chrome work fine but we HAVE to have Firefox. What am I missing for Firefox? I cannot deactivate all of the security on firefox or make it stop checking keys. I just need a single exception for this key.

Answer 1

I need to be able to deploy a fix to 600 computers to allow them to connect to an internal site using SSL.

I'm assuming you're not trying to set up client cert authentication, and just want your intranet site to be TLS encrypted...

Get a domain name and a free certificate from Let's Encrypt. Then configure the internal DNS to point that domain name to your internal websever, which can then be configured to host that domain, with the certificates. This would work internally assuming you can control DNS for all 600 machines.

This also avoids a firefox fix to 600 machines, which could quickly become a maintenence nightmare.

See this thread on security.stackexchange.com for more info.