Firefox not accepting Root Certs as Valid

cchandler / certificate_authority

Ruby gem for managing the core functions outlined in RFC-3280 for PKI

194 stars 44 forks source link

Closed diogomonica closed 12 years ago

diogomonica commented 13 years ago

Firefox apparently requires both "digitalSignature" and "keyEncipherment" on the root certificate X509 extensions.

If you dont include them, Firefox returns a sec_error_inadequate_key_usage when you try to access a website signed by that specific root authority.

cchandler commented 12 years ago

Added a note to the main readme.