Firefox unable to load SSL Certificate Chain, while Chrome, IE do

Posted by FryBurger on Server Fault See other posts from Server Fault or by FryBurger
Published on 2012-07-20T19:44:17Z Indexed on 2012/09/19 21:39 UTC
Read the original article Hit count: 162

Filed under:
|
|

I created a certificate for our IIS 6 by sending a request (created with openssl) to our organization's CA. I already had trouble to integrate the private key into that certificate, that has been solved, see SO question

IIS 6.0 now uses the certificate (with TSL v1 and SSL v3), that is the 4th in cert hierarchy. Now, if I access the intranet site, chrome accepts the certificate, so does IE, but Firefox complains about an insecure connection and wants me to add an exceptional rule. If I look into the certificate, how FF presents it to me, I cannot see any of the three issuers.

How can this be? If I connect via openssl s_client -showcerts -connect... I only see my own certificate too, which is said to be not verified. I am quite confused now. Where's the mistake and how can I make FF accept certificate without forcing our users to add that exceptionrule?

Maybe do I have to add all the three issuer certificates into cert store of the win2003 server that hosts IIS 6.0 ??

© Server Fault or respective owner

Related posts about iis6

Related posts about ssl-certificate