Problem with ssl bump on Firefox 39+

Hello, i have latest stable nethserver version - 6.7. I use Transparent proxy with SSL bump. When i use google chrome or internet explorer with https sites its all ok, but when i use firefox i have strange problem with this sites - i cannot open any https site (i upload ss with my proxy setup and firefox alert)

Have you installed the CA certificate inside Firefox?

Hello. When i try open link to cert in backend nethserver (picture) then i get message “this cert is installed as CA”

It’s the hsts that’s hanging you up, quick fix is to bypass that site in the proxy, specific to ff you could look around in about:config searching for ssl and tls to see about a specific setting for it. I’m not using ns for filtering so I don’t have anything available to test.

I think something happened after the last update. I have the same problem now with firefox and it was working perfectly before the update.

Well, I’ve tryed everything: uninstalled Firefox, deleted firefox profile, deleted cert8.db, reimported nethserver certificate…no way. Is there a solution? In Chrome it works perfectly…

Yes i have same problem. In Chrome, chromium and IE its work perfect :frowning: but i use firefox :frowning: and i have problem becouse all ssl sites stop work ;/ I tried on many computers (linux mint, win7, 8 and 10) and allways its same problem.

I guess Mozilla added some extra checks…

See: https://support.mozilla.org/en-US/questions/1073420

ok i try this but i can modify in my configure firefox but i have access point with free access and all users who connect must work with https too :frowning: i must do something in neth config to global use.

I’ve Tried, but it does not work.

Yes me too. Any idea ? Meybe its a bug?

Import certificade to trusted root certification

Where i can do it ? directly on system configs/program files ?

Ok, maybe I found a solution.
If you import the certificate in firefox options it does not work so:

Go to your nethserver panel --> proxy web and right click your certificate link, then choose “open in a new window”

It will ask you to install the certificate with this window:

click “ok”

Then I got it working

Thanks for all answers i will try this solutions but until Monday because now i don’t have access to neth panel.

Ok i will check this solution and its work :), but first i delete old cert and import right click. Thanks Matteo_Contoli