Exceptions for certificate errors/safe browsing errors

53 views
Skip to first unread message

Ing. Mehmet Sen

unread,
Nov 25, 2025, 9:59:52 AM (8 days ago) Nov 25
to enter...@mozilla.org
Hi!

We have enabled the following two policies in our enterprise environment. This is intended to improve security.

Prevent overriding certificate errors = Enabled
Prevent overriding safe browsing errors = Enabled

However, some internal pages are inaccessible due to this policy. I've researched this, but unfortunately haven't found a way to add these URLs as exceptions.

Is there a solution for this?

Thanks in advance.

Mike Kaply

unread,
Nov 25, 2025, 12:47:47 PM (8 days ago) Nov 25
to Ing. Mehmet Sen, enter...@mozilla.org
Can you be more specific as to what you mean?

As in people normally click on the override button to get to these specific pages?

Mike
 

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups "enter...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to enterprise+...@mozilla.org.
To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/enterprise/a18a726c-a1d9-4c58-95a0-42f48f389f59n%40mozilla.org.

Ing. Mehmet Sen

unread,
Nov 26, 2025, 1:15:23 AM (7 days ago) Nov 26
to enter...@mozilla.org, Mike Kaply, enter...@mozilla.org, Ing. Mehmet Sen
Yes, normally the user can access with the override button.
In our case we blocked it for security reason and the users are not be able to override any site now.
But we have some internal sites (for example network printer configuration via Web) that are not accessable with override button right now.

In Google Chrome for example we are able to configure second policy (SSLErrorOverrideAllowedForOrigins) to give access for a specific domain like "[*.]prod.company".

We need in Firefox a policy or Preferences to give a chance to override sites for the specific domain.

I hope it is now clear enough.

Thanks in advance.

Mike Kaply

unread,
Nov 26, 2025, 1:35:30 PM (7 days ago) Nov 26
to Ing. Mehmet Sen, enter...@mozilla.org
These overrides are stored in a file called "cert_override.txt" in the users profile. So you can visit the sites you need to override and then distribute that file to your users.

I realize that's not a great answer, but folks have done it in the past.

I agree we should have a policy for this (It's come up before), so I've opened this bug:

https://bugzilla.mozilla.org/show_bug.cgi?id=2002600

for it.

Hopefully we'll get to it soon.

Mike
Reply all
Reply to author
Forward
0 new messages