Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[Hendrix] IIS 7 Self-signed certs cause Firefox 3 beta 2 to fail with a sec_error_inadequate_key_usage status

565 views
Skip to first unread message

Robert Chipperfield

unread,
Jan 8, 2008, 12:20:23 PM1/8/08
to
Name: Robert Chipperfield
Email: robertdotchipperfieldatred-gatedotcom
Product: Gran Paradiso
Summary: IIS 7 Self-signed certs cause Firefox 3 beta 2 to fail with a sec_error_inadequate_key_usage status

Comments:
Hi,

I've just been playing with IIS7 on Windows Server 2008 RC1, and found
that attempting to go to an HTTPS site hosted by IIS7 with it's
self-signed certificate leads to the following message:

"Certificate key usage inadequate for attempted operation.

(Error code: sec_error_inadequate_key_usage)"

Internet Exploder 6 lets me in (with the caveat that it's not signed by
a trusted CA, as I'd expect), and Firefox 3 beta 2 works fine with an
IIS6 (Windows Server 2003) self-signed certificate, modulo the
sec_error_unknown_issuer which I can add an exception for.

Please feel free to drop me an email if you'd like any more information,
or a copy of the certificate.

Regards,
Robert

Browser Details: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b2) Gecko/2007121120 Firefox/3.0b2

crashe...@gmail.com

unread,
Feb 17, 2008, 8:25:02 PM2/17/08
to
On Jan 8, 12:20 pm, Robert Chipperfield <hendrix-no-

In order to open a website that would give this error I downloaded the
latest 2.* version from a binary (Ubuntu user) and started firefox
2.0.12. From there I was able to accept the certificate and open the
website. The certificate was automatically transfer to the Beta 3.*
version. Good luck! Find better workarounds!

Eric Drechsel

unread,
Mar 3, 2008, 7:02:05 PM3/3/08
to
On Feb 17, 5:25 pm, crasher52...@gmail.com wrote:
> On Jan 8, 12:20 pm, Robert Chipperfield <hendrix-no-
>
>
>
> replyatmozilladotorg> wrote:
> > Name:    Robert Chipperfield
> > Email:   robertdotchipperfieldatred-gatedotcom
> > Product: Gran Paradiso
> > Summary: IIS 7 Self-signed certs cause Firefox 3 beta 2 to fail with a sec_error_inadequate_key_usage status
>
> > Comments:
> > Hi,
>
> > I've just been playing with IIS7 on Windows Server 2008 RC1, and found
> > that attempting to go to an HTTPS site hosted by IIS7 with it's
> > self-signed certificate leads to the following message:
>
> > "Certificate key usage inadequate for attempted operation.
>
> > (Error code: sec_error_inadequate_key_usage)"
>
> > Internet Exploder 6 lets me in (with the caveat that it's not signed by
> > a trusted CA, as I'd expect), and Firefox 3 beta 2 works fine with an
> > IIS6 (Windows Server 2003) self-signed certificate, modulo the
> > sec_error_unknown_issuer which I can add an exception for.
Many self-signed certs are getting this error in FF3:
http://trac.sagemath.org/sage_trac/ticket/1754
https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/187341

Is there a document detailing the changes in certificate criteria from
FF2?

-- Eric

0 new messages